fusionauth logo
search-interface-symbol
Downloads
Quickstarts
API Docs
SDK
search-interface-symbol
talk to an expert
Log In
talk to an expert
Navigate to...
  • Welcome
  • Getting Started
    • Getting Started
    • 5-minute Setup Guide
      • Overview
      • Docker
      • Fast Path
      • Sandbox
    • Setup Wizard & First Login
    • Register a User and Login
    • Self-service Registration
    • Start and Stop FusionAuth
    • Core Concepts
      • Overview
      • Users
      • Roles
      • Groups
      • Registrations
      • Applications
      • Tenants
      • Identity Providers
      • Authentication/Authorization
      • Integration Points
    • Example Apps
      • Overview
      • Dart
      • Go
      • Java
      • JavaScript
      • .NET Core
      • PHP
      • Python
      • Ruby
    • Tutorials
      • Overview
      • Express.js
      • Flutter
      • Java Spring
      • Python Django
      • Python Flask
      • React
      • Ruby on Rails
      • Ruby on Rails API
  • Installation Guide
    • Overview
    • System Requirements
    • Server Layout
    • Cloud
    • Cluster
    • Docker
    • Fast Path
    • Kubernetes
      • Overview
      • Deployment Guide
      • Minikube Setup
      • Amazon EKS Setup
      • Google GKE Setup
      • Microsoft AKS Setup
    • Kickstart™
    • Homebrew
    • Marketplaces
    • Packages
    • Database
    • FusionAuth App
    • FusionAuth Search
    • Common Configuration
  • Migration Guide
    • Overview
    • General
    • Auth0
    • Keycloak
    • Amazon Cognito
    • Firebase
    • Microsoft Azure AD B2C
    • Tutorial
  • Admin Guide
    • Overview
    • Account Portal
    • Config Management
    • Editions and Features
    • Key Rotation
    • Licensing
    • Monitoring
    • Prometheus Setup
    • Proxy Setup
    • Reference
      • Overview
      • Configuration
      • CORS
      • Data Types
      • Hosted Login Pages Cookies
      • Known Limitations
      • Password Hashes
    • Releases
    • Roadmap
    • Search And FusionAuth
    • Securing
    • Switch Search Engines
    • Technical Support
    • Troubleshooting
    • Upgrading
    • WebAuthn
  • Login Methods
    • Identity Providers
      • Overview
      • Apple
      • Epic Games
      • External JWT
        • Overview
        • Example
      • Facebook
      • Google
      • HYPR
      • LinkedIn
      • Nintendo
      • OpenID Connect
        • Overview
        • Amazon Cognito
        • Azure AD
        • Discord
        • Github
        • Okta
      • Sony PlayStation Network
      • Steam
      • Twitch
      • Twitter
      • SAML v2
        • Overview
        • ADFS
        • Azure AD
        • Okta
      • SAML v2 IdP Initiated
        • Overview
        • Okta
      • Xbox
    • OIDC & OAuth 2.0
      • Overview
      • Endpoints
      • Tokens
      • OAuth Modes
      • URL Validation
      • Integrations
        • CockroachDB
        • Salesforce
    • Passwordless
      • Overview
      • Magic Links
      • WebAuthn & Passkeys
    • SAML v2 IdP
      • Overview
      • Google
      • PagerDuty
      • SendGrid
      • Tableau Cloud
      • Zendesk
  • Developer Guide
    • Overview
    • API Gateways
      • Overview
      • Amazon API Gateway
      • Kong Gateway
      • ngrok Cloud Edge
    • Client Libraries & SDKs
      • Overview
      • Dart
      • Go
      • Java
      • JavaScript
      • .NET Core
      • Node
      • OpenAPI
      • PHP
      • Python
      • React
      • Ruby
      • Typescript
    • Events & Webhooks
      • Overview
      • Writing a Webhook
      • Securing Webhooks
      • Events
        • Overview
        • Audit Log Create
        • Event Log Create
        • JWT Public Key Update
        • JWT Refresh
        • JWT Refresh Token Revoke
        • Kickstart Success
        • Group Create
        • Group Create Complete
        • Group Delete
        • Group Delete Complete
        • Group Update
        • Group Update Complete
        • Group Member Add
        • Group Member Add Complete
        • Group Member Remove
        • Group Member Remove Complete
        • Group Member Update
        • Group Member Update Complete
        • User Action
        • User Bulk Create
        • User Create
        • User Create Complete
        • User Deactivate
        • User Delete
        • User Delete Complete
        • User Email Update
        • User Email Verified
        • User IdP Link
        • User IdP Unlink
        • User Login Failed
        • User Login Id Dup. Create
        • User Login Id Dup. Update
        • User Login New Device
        • User Login Success
        • User Login Suspicious
        • User Password Breach
        • User Password Reset Send
        • User Password Reset Start
        • User Password Reset Success
        • User Password Update
        • User Reactivate
        • User Reg. Create
        • User Reg. Create Complete
        • User Reg. Delete
        • User Reg. Delete Complete
        • User Registration Update
        • User Reg. Update Complete
        • User Reg. Verified
        • User 2FA Method Add
        • User 2FA Method Remove
        • User Update
        • User Update Complete
    • Guides
      • Overview
      • Application Specific Email Templates
      • Authentication Tokens
      • Exposing A Local Instance
      • JSON Web Tokens
      • Key Master
      • Localization and Internationalization
      • Multi-Factor Authentication
      • Multi-Tenant
      • Passwordless
      • Registration-based Email Verification
      • Searching With Elasticsearch
      • Securing Your APIs
      • Silent Mode
      • Single Sign-on
      • Two Factor (pre 1.26)
    • Integrations
      • Overview
      • CleanSpeak
      • Kafka
      • Twilio
    • Plugins
      • Overview
      • Writing a Plugin
      • Custom Password Hashing
    • User Control & Gating
      • Overview
      • Gate Unverified Users
      • Gate Unverified Registrations
      • User Account Lockout
  • Customization
    • Email & Templates
      • Overview
      • Configure Email
      • Email Templates
      • Email Variables
      • Message Templates
    • Lambdas
      • Overview
      • Apple Reconcile
      • Client Cred. JWT Populate
      • Epic Games Reconcile
      • External JWT Reconcile
      • Facebook Reconcile
      • Google Reconcile
      • HYPR Reconcile
      • JWT Populate
      • LDAP Connector Reconcile
      • LinkedIn Reconcile
      • Nintendo Reconcile
      • OpenID Connect Reconcile
      • SAML v2 Populate
      • SAML v2 Reconcile
      • SCIM Group Req. Converter
      • SCIM Group Resp. Convtr.
      • SCIM User Req. Converter
      • SCIM User Resp. Converter
      • Self-Service Registration
      • Sony PSN Reconcile
      • Steam Reconcile
      • Twitch Reconcile
      • Twitter Reconcile
      • Xbox Reconcile
    • Messengers
      • Overview
      • Generic Messenger
      • Twilio Messenger
    • Themes
      • Overview
      • Examples
      • Helpers
      • Localization
      • Template Variables
      • Kickstart Custom Theme
  • Premium Features
    • Overview
    • Advanced Registration Forms
    • Advanced Threat Detection
    • Application Specific Themes
    • Breached Password Detection
    • Connectors
      • Overview
      • Generic Connector
      • LDAP Connector
      • FusionAuth Connector
    • Entity Management
    • SCIM
      • Overview
      • Azure AD Client
      • Okta Client
      • SCIM-SDK
    • Self Service Account Mgmt
      • Overview
      • Updating User Data & Password
      • Add Two-Factor Authenticator
      • Add Two-Factor Email
      • Add Two-Factor SMS
      • Add WebAuthn Passkey
      • Customizing
      • Bootstrapping Login
      • Troubleshooting
    • WebAuthn
  • APIs
    • Overview
    • Authentication
    • Errors
    • API Explorer
    • Actioning Users
    • API Keys
    • Applications
    • Audit Logs
    • Connectors
      • Overview
      • Generic
      • LDAP
    • Consents
    • Emails
    • Entity Management
      • Overview
      • Entities
      • Entity Types
      • Grants
    • Event Logs
    • Families
    • Forms
    • Form Fields
    • Groups
    • Hosted Backend
    • Identity Providers
      • Overview
      • Links
      • Apple
      • External JWT
      • Epic Games
      • Facebook
      • Google
      • HYPR
      • LinkedIn
      • Nintendo
      • OpenID Connect
      • SAML v2
      • SAML v2 IdP Initiated
      • Sony PlayStation Network
      • Steam
      • Twitch
      • Twitter
      • Xbox
    • Integrations
    • IP Access Control Lists
    • JWT
    • Keys
    • Lambdas
    • Login
    • Message Templates
    • Messengers
      • Overview
      • Generic
      • Twilio
    • Multi-Factor/Two Factor
    • Passwordless
    • Reactor
    • Registrations
    • Reports
    • SCIM
      • Overview
      • SCIM User
      • SCIM Group
      • SCIM EnterpriseUser
      • SCIM Service Provider Config.
    • System
    • Tenants
    • Themes
    • Users
    • User Actions
    • User Action Reasons
    • User Comments
    • WebAuthn
    • Webhooks
  • Release Notes

    Themes APIs

    Overview

    This API has been available since 1.8.0

    UI login themes can be configured to enable custom branding for your FusionAuth login workflow. Themes are configured per Tenant or optionally by Application.

    The following APIs are provided to manage Themes.

    • Create a Theme

    • Retrieve a Theme

    • Search for Themes

    • Update a Theme

    • Delete a Theme

    Create a Theme

    This API is used to create a new Theme.

    Request

    Create a new Theme with a randomly generated Id

    URI

    POST /api/theme

    Create a Theme with the provided unique Id

    URI

    POST /api/theme/{themeId}

    Request Parameters

    themeId [UUID] Optional defaults to secure random UUID

    The Id to use for the new Theme. If not specified a secure random UUID will be generated.

    Request Body

    sourceThemeId [UUID] Optional

    The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.

    theme.data [Object] Optional

    An object that can hold any information about the Theme that should be persisted.

    theme.defaultMessages [String] Required

    A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file. Required if not copying an existing Theme.

    theme.localizedMessages [Map<Locale,String>] Optional

    A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.

    theme.name [String] Required

    A unique name for the Theme.

    theme.stylesheet [String] Optional

    A CSS stylesheet used to style the templates.

    theme.templates.accountEdit [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.

    theme.templates.accountIndex [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.

    theme.templates.accountTwoFactorDisable [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.

    theme.templates.accountTwoFactorEnable [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page displays recovery codes when a user enables multi-factor authentication for the first time.

    theme.templates.accountTwoFactorIndex [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.

    theme.templates.accountWebAuthnAdd [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.

    theme.templates.accountWebAuthnDelete [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.

    theme.templates.accountWebAuthnIndex [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.

    theme.templates.emailComplete [String] Optional

    A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.emailSent [String] Optional

    A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.emailVerificationRequired [String] Since 1.27.0 Optional

    A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.

    theme.templates.emailVerify [String] Optional

    A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.helpers [String] Optional

    A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.

    theme.templates.index [String] Since 1.27.0 Optional

    A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.

    theme.templates.oauth2Authorize [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.

    theme.templates.oauth2AuthorizedNotRegistered [String] Since 1.28.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.

    theme.templates.oauth2ChildRegistrationNotAllowed [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.

    theme.templates.oauth2ChildRegistrationNotAllowedComplete [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.

    theme.templates.oauth2CompleteRegistration [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.

    theme.templates.oauth2Device [String] Since 1.11.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.

    theme.templates.oauth2DeviceComplete [String] Since 1.12.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.

    theme.templates.oauth2Error [String] Optional

    This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.

    theme.templates.oauth2Logout [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/logout path. This page is used if the user initiates an OAuth logout. This page causes the user to be logged out of all associated applications or just the initiating application, as configured, via a front-channel mechanism before being redirected.

    theme.templates.oauth2Passwordless [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.

    theme.templates.oauth2Register [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.

    theme.templates.oauth2StartIdPLink [String] Since 1.28.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the linking strategy of the Identity Provider is set to create a pending link. The user is presented with the option to link their account with an existing FusionAuth user account or create a new FusionAuth user.

    theme.templates.oauth2TwoFactor [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled or two factor authentication is required and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.

    theme.templates.oauth2TwoFactorEnable [String] Since 1.42.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable path. This page contains a form providing a user with the Oauth2 two-factor enable form

    theme.templates.oauth2TwoFactorEnableComplete [String] Since 1.42.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable-complete path. This page contains a form providing a user with the Oauth2 two-factor enable complete form

    theme.templates.oauth2TwoFactorMethods [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.

    theme.templates.oauth2Wait [String] Since 1.12.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.

    theme.templates.oauth2WebAuthn [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.

    theme.templates.oauth2WebAuthnReauth [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.

    theme.templates.oauth2WebAuthnReauthEnable [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.

    theme.templates.passwordChange [String] Optional

    A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.

    theme.templates.passwordComplete [String] Optional

    A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.

    theme.templates.passwordForgot [String] Optional

    A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.

    theme.templates.passwordSent [String] Optional

    A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.

    theme.templates.registrationComplete [String] Optional

    A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.registrationSent [String] Optional

    A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.registrationVerificationRequired [String] Since 1.27.0 Optional

    A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.

    theme.templates.registrationVerify [String] Optional

    A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.samlv2Logout [String] Since 1.25.0 Optional

    A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.

    theme.templates.unauthorized [String] Since 1.30.0 Optional

    A FreeMarker template that is rendered when the user requests the /unauthorized path. This page is used if the user is not authorized to use the application or page. If you have advanced threat detection enabled, this page is generally made available to you.

    Example Request JSON
    
    {
      "theme": {
        "data": {
          "addedBy": "richard"
        },
        "defaultMessages": "title=Login",
        "localizedMessages": {
          "fr": "title=Identifiant",
          "es": "title=Iniciar sesión"
        },
        "name": "Orange Theme",
        "templates": {
          "accountEdit": "[#ftl/]",
          "accountIndex": "[#ftl/]",
          "accountTwoFactorDisable": "[#ftl/]",
          "accountTwoFactorEnable": "[#ftl/]",
          "accountTwoFactorIndex": "[#ftl/]",
          "accountWebAuthnAdd": "[#ftl/]",
          "accountWebAuthnDelete": "[#ftl/]",
          "accountWebAuthnIndex": "[#ftl/]",
          "emailComplete": "[#ftl/]",
          "emailSent": "[#ftl/]",
          "emailVerificationRequired": "[#ftl/]",
          "emailVerify": "[#ftl/]",
          "helpers": "[#ftl/]",
          "index": "[#ftl/]",
          "oauth2Authorize": "[#ftl/]",
          "oauth2AuthorizedNotRegistered": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowed": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowedComplete": "[#ftl/]",
          "oauth2CompleteRegistration": "[#ftl/]",
          "oauth2Device": "[#ftl/]",
          "oauth2DeviceComplete": "[#ftl/]",
          "oauth2Error": "[#ftl/]",
          "oauth2Logout": "[#ftl/]",
          "oauth2Passwordless": "[#ftl/]",
          "oauth2Register": "[#ftl/]",
          "oauth2StartIdPLink": "[#ftl/]",
          "oauth2TwoFactor": "[#ftl/]",
          "oauth2TwoFactorEnable": "[#ftl/]",
          "oauth2TwoFactorEnableComplete": "[#ftl/]",
          "oauth2TwoFactorMethods": "[#ftl/]",
          "oauth2Wait": "[#ftl/]",
          "oauth2WebAuthn": "[#ftl/]",
          "oauth2WebAuthnReauth": "[#ftl/]",
          "oauth2WebAuthnReauthEnable": "[#ftl/]",
          "passwordChange": "[#ftl/]",
          "passwordComplete": "[#ftl/]",
          "passwordForgot": "[#ftl/]",
          "passwordSent": "[#ftl/]",
          "registrationComplete": "[#ftl/]",
          "registrationSent": "[#ftl/]",
          "registrationVerificationRequired": "[#ftl/]",
          "registrationVerify": "[#ftl/]",
          "samlv2Logout": "[#ftl/]",
          "unauthorized": "[#ftl/]"
        }
      }
    }

    Response

    Table 1. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you requested doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    Response Body

    theme.data [Object]

    An object that can hold any information about the Theme that should be persisted.

    theme.defaultMessages [String]

    A properties file formatted String containing messages used within the templates.

    theme.id [UUID]

    The unique Id of the Theme.

    theme.insertInstant [Long]

    The instant that the theme was added to the FusionAuth database.

    theme.lastUpdateInstant [Long]

    The instant that the theme was last updated in the FusionAuth database.

    theme.localizedMessages [Map<Locale,String>]

    A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.

    theme.name [String]

    A unique name for the Theme.

    theme.stylesheet [String]

    A CSS stylesheet used to style the templates.

    theme.templates.accountEdit [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.

    theme.templates.accountIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.

    theme.templates.accountTwoFactorDisable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.

    theme.templates.accountTwoFactorEnable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page displays recovery codes when a user enables multi-factor authentication for the first time.

    theme.templates.accountTwoFactorIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.

    theme.templates.accountWebAuthnAdd [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.

    theme.templates.accountWebAuthnDelete [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.

    theme.templates.accountWebAuthnIndex [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.

    theme.templates.emailComplete [String]

    A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.emailSent [String]

    A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.emailVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.

    theme.templates.emailVerify [String]

    A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.helpers [String]

    A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.

    theme.templates.index [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.

    theme.templates.oauth2Authorize [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.

    theme.templates.oauth2AuthorizedNotRegistered [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.

    theme.templates.oauth2ChildRegistrationNotAllowed [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.

    theme.templates.oauth2ChildRegistrationNotAllowedComplete [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.

    theme.templates.oauth2CompleteRegistration [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.

    theme.templates.oauth2Device [String] Since 1.11.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.

    theme.templates.oauth2DeviceComplete [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.

    theme.templates.oauth2Error [String]

    This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.

    theme.templates.oauth2Logout [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/logout path. This page is used if the user initiates an OAuth logout. This page causes the user to be logged out of all associated applications or just the initiating application, as configured, via a front-channel mechanism before being redirected.

    theme.templates.oauth2Passwordless [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.

    theme.templates.oauth2Register [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.

    theme.templates.oauth2StartIdPLink [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the linking strategy of the Identity Provider is set to create a pending link. The user is presented with the option to link their account with an existing FusionAuth user account or create a new FusionAuth user.

    theme.templates.oauth2TwoFactor [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled or two factor authentication is required and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.

    theme.templates.oauth2TwoFactorEnable [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable path. This page contains a form providing a user with the Oauth2 two-factor enable form

    theme.templates.oauth2TwoFactorEnableComplete [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable-complete path. This page contains a form providing a user with the Oauth2 two-factor enable complete form

    theme.templates.oauth2TwoFactorMethods [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.

    theme.templates.oauth2Wait [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.

    theme.templates.oauth2WebAuthn [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.

    theme.templates.oauth2WebAuthnReauth [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.

    theme.templates.oauth2WebAuthnReauthEnable [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.

    theme.templates.passwordChange [String]

    A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.

    theme.templates.passwordComplete [String]

    A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.

    theme.templates.passwordForgot [String]

    A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.

    theme.templates.passwordSent [String]

    A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.

    theme.templates.registrationComplete [String]

    A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.registrationSent [String]

    A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.registrationVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.

    theme.templates.registrationVerify [String]

    A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.samlv2Logout [String] Since 1.25.0

    A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.

    theme.templates.unauthorized [String] Since 1.30.0

    A FreeMarker template that is rendered when the user requests the /unauthorized path. This page is used if the user is not authorized to use the application or page. If you have advanced threat detection enabled, this page is generally made available to you.

    Example Response JSON
    
    {
      "theme": {
        "data": {
          "addedBy": "richard"
        },
        "defaultMessages": "title=Login",
        "id": "64773453-bb11-457b-a3d6-7475ec2259d0",
        "insertInstant": 1564006815352,
        "lastUpdateInstant": 1564084258150,
        "localizedMessages": {
          "fr": "title=Identifiant",
          "es": "title=Iniciar sesión"
        },
        "name": "Orange Theme",
        "stylesheet": "h1 {\r\n  color: orange;\r\n  text-align: center;\r\n}",
        "templates": {
          "accountEdit": "[#ftl/]",
          "accountIndex": "[#ftl/]",
          "accountTwoFactorDisable": "[#ftl/]",
          "accountTwoFactorEnable": "[#ftl/]",
          "accountTwoFactorIndex": "[#ftl/]",
          "accountWebAuthnAdd": "[#ftl/]",
          "accountWebAuthnDelete": "[#ftl/]",
          "accountWebAuthnIndex": "[#ftl/]",
          "emailComplete": "[#ftl/]",
          "emailSent": "[#ftl/]",
          "emailVerificationRequired": "[#ftl/]",
          "emailVerify": "[#ftl/]",
          "helpers": "[#ftl/]",
          "index": "[#ftl/]",
          "oauth2Authorize": "[#ftl/]",
          "oauth2AuthorizedNotRegistered": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowed": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowedComplete": "[#ftl/]",
          "oauth2CompleteRegistration": "[#ftl/]",
          "oauth2Device": "[#ftl/]",
          "oauth2DeviceComplete": "[#ftl/]",
          "oauth2Error": "[#ftl/]",
          "oauth2Logout": "[#ftl/]",
          "oauth2Passwordless": "[#ftl/]",
          "oauth2Register": "[#ftl/]",
          "oauth2StartIdPLink": "[#ftl/]",
          "oauth2TwoFactor": "[#ftl/]",
          "oauth2TwoFactorEnable": "[#ftl/]",
          "oauth2TwoFactorEnableComplete": "[#ftl/]",
          "oauth2TwoFactorMethods": "[#ftl/]",
          "oauth2Wait": "[#ftl/]",
          "oauth2WebAuthn": "[#ftl/]",
          "oauth2WebAuthnReauth": "[#ftl/]",
          "oauth2WebAuthnReauthEnable": "[#ftl/]",
          "passwordChange": "[#ftl/]",
          "passwordComplete": "[#ftl/]",
          "passwordForgot": "[#ftl/]",
          "passwordSent": "[#ftl/]",
          "registrationComplete": "[#ftl/]",
          "registrationSent": "[#ftl/]",
          "registrationVerificationRequired": "[#ftl/]",
          "registrationVerify": "[#ftl/]",
          "samlv2Logout": "[#ftl/]",
          "unauthorized": "[#ftl/]"
        }
      }
    }

    Retrieve a Theme

    This API is used to retrieve a single Theme by unique Id or all of the Themes.

    Request

    Retrieve all of the Themes

    URI

    GET /api/theme

    Retrieve a Theme by Id

    URI

    GET /api/theme/{themeId}

    Request Parameters

    themeId [UUID] Required

    The unique Id of the Theme to retrieve.

    Response

    The response for this API contains either a single Theme or all of the Themes. When you call this API with an Id the response will contain a single Theme. When you call this API without an Id the response will contain all of the themes. Both response types are defined below along with an example JSON response.

    Table 2. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you requested doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    Response Body

    theme.data [Object]

    An object that can hold any information about the Theme that should be persisted.

    theme.defaultMessages [String]

    A properties file formatted String containing messages used within the templates.

    theme.id [UUID]

    The unique Id of the Theme.

    theme.insertInstant [Long]

    The instant that the theme was added to the FusionAuth database.

    theme.lastUpdateInstant [Long]

    The instant that the theme was last updated in the FusionAuth database.

    theme.localizedMessages [Map<Locale,String>]

    A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.

    theme.name [String]

    A unique name for the Theme.

    theme.stylesheet [String]

    A CSS stylesheet used to style the templates.

    theme.templates.accountEdit [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.

    theme.templates.accountIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.

    theme.templates.accountTwoFactorDisable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.

    theme.templates.accountTwoFactorEnable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page displays recovery codes when a user enables multi-factor authentication for the first time.

    theme.templates.accountTwoFactorIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.

    theme.templates.accountWebAuthnAdd [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.

    theme.templates.accountWebAuthnDelete [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.

    theme.templates.accountWebAuthnIndex [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.

    theme.templates.emailComplete [String]

    A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.emailSent [String]

    A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.emailVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.

    theme.templates.emailVerify [String]

    A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.helpers [String]

    A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.

    theme.templates.index [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.

    theme.templates.oauth2Authorize [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.

    theme.templates.oauth2AuthorizedNotRegistered [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.

    theme.templates.oauth2ChildRegistrationNotAllowed [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.

    theme.templates.oauth2ChildRegistrationNotAllowedComplete [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.

    theme.templates.oauth2CompleteRegistration [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.

    theme.templates.oauth2Device [String] Since 1.11.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.

    theme.templates.oauth2DeviceComplete [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.

    theme.templates.oauth2Error [String]

    This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.

    theme.templates.oauth2Logout [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/logout path. This page is used if the user initiates an OAuth logout. This page causes the user to be logged out of all associated applications or just the initiating application, as configured, via a front-channel mechanism before being redirected.

    theme.templates.oauth2Passwordless [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.

    theme.templates.oauth2Register [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.

    theme.templates.oauth2StartIdPLink [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the linking strategy of the Identity Provider is set to create a pending link. The user is presented with the option to link their account with an existing FusionAuth user account or create a new FusionAuth user.

    theme.templates.oauth2TwoFactor [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled or two factor authentication is required and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.

    theme.templates.oauth2TwoFactorEnable [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable path. This page contains a form providing a user with the Oauth2 two-factor enable form

    theme.templates.oauth2TwoFactorEnableComplete [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable-complete path. This page contains a form providing a user with the Oauth2 two-factor enable complete form

    theme.templates.oauth2TwoFactorMethods [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.

    theme.templates.oauth2Wait [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.

    theme.templates.oauth2WebAuthn [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.

    theme.templates.oauth2WebAuthnReauth [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.

    theme.templates.oauth2WebAuthnReauthEnable [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.

    theme.templates.passwordChange [String]

    A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.

    theme.templates.passwordComplete [String]

    A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.

    theme.templates.passwordForgot [String]

    A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.

    theme.templates.passwordSent [String]

    A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.

    theme.templates.registrationComplete [String]

    A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.registrationSent [String]

    A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.registrationVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.

    theme.templates.registrationVerify [String]

    A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.samlv2Logout [String] Since 1.25.0

    A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.

    theme.templates.unauthorized [String] Since 1.30.0

    A FreeMarker template that is rendered when the user requests the /unauthorized path. This page is used if the user is not authorized to use the application or page. If you have advanced threat detection enabled, this page is generally made available to you.

    Example Response JSON
    
    {
      "theme": {
        "data": {
          "addedBy": "richard"
        },
        "defaultMessages": "title=Login",
        "id": "64773453-bb11-457b-a3d6-7475ec2259d0",
        "insertInstant": 1564006815352,
        "lastUpdateInstant": 1564084258150,
        "localizedMessages": {
          "fr": "title=Identifiant",
          "es": "title=Iniciar sesión"
        },
        "name": "Orange Theme",
        "stylesheet": "h1 {\r\n  color: orange;\r\n  text-align: center;\r\n}",
        "templates": {
          "accountEdit": "[#ftl/]",
          "accountIndex": "[#ftl/]",
          "accountTwoFactorDisable": "[#ftl/]",
          "accountTwoFactorEnable": "[#ftl/]",
          "accountTwoFactorIndex": "[#ftl/]",
          "accountWebAuthnAdd": "[#ftl/]",
          "accountWebAuthnDelete": "[#ftl/]",
          "accountWebAuthnIndex": "[#ftl/]",
          "emailComplete": "[#ftl/]",
          "emailSent": "[#ftl/]",
          "emailVerificationRequired": "[#ftl/]",
          "emailVerify": "[#ftl/]",
          "helpers": "[#ftl/]",
          "index": "[#ftl/]",
          "oauth2Authorize": "[#ftl/]",
          "oauth2AuthorizedNotRegistered": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowed": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowedComplete": "[#ftl/]",
          "oauth2CompleteRegistration": "[#ftl/]",
          "oauth2Device": "[#ftl/]",
          "oauth2DeviceComplete": "[#ftl/]",
          "oauth2Error": "[#ftl/]",
          "oauth2Logout": "[#ftl/]",
          "oauth2Passwordless": "[#ftl/]",
          "oauth2Register": "[#ftl/]",
          "oauth2StartIdPLink": "[#ftl/]",
          "oauth2TwoFactor": "[#ftl/]",
          "oauth2TwoFactorEnable": "[#ftl/]",
          "oauth2TwoFactorEnableComplete": "[#ftl/]",
          "oauth2TwoFactorMethods": "[#ftl/]",
          "oauth2Wait": "[#ftl/]",
          "oauth2WebAuthn": "[#ftl/]",
          "oauth2WebAuthnReauth": "[#ftl/]",
          "oauth2WebAuthnReauthEnable": "[#ftl/]",
          "passwordChange": "[#ftl/]",
          "passwordComplete": "[#ftl/]",
          "passwordForgot": "[#ftl/]",
          "passwordSent": "[#ftl/]",
          "registrationComplete": "[#ftl/]",
          "registrationSent": "[#ftl/]",
          "registrationVerificationRequired": "[#ftl/]",
          "registrationVerify": "[#ftl/]",
          "samlv2Logout": "[#ftl/]",
          "unauthorized": "[#ftl/]"
        }
      }
    }

    Response Body

    themes [Array]

    The list of Theme objects.

    themes[x].data [Object]

    An object that can hold any information about the Theme that should be persisted.

    themes[x].defaultMessages [Integer]

    A properties file formatted String containing messages used within the templates.

    themes[x].id [UUID]

    The unique Id of the Theme.

    themes[x].insertInstant [Long]

    The instant that the theme was added to the FusionAuth database.

    themes[x].lastUpdateInstant [Long]

    The instant that the theme was last updated in the FusionAuth database.

    themes[x].localizedMessages [Map<Locale,String>]

    A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.

    themes[x].name [String]

    A unique name for the Theme.

    themes[x].stylesheet [String] Optional

    A CSS stylesheet used to style the templates.

    themes[x].templates.accountEdit [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.

    themes[x].templates.accountIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.

    themes[x].templates.accountTwoFactorDisable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.

    themes[x].templates.accountTwoFactorEnable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page displays recovery codes when a user enables multi-factor authentication for the first time.

    themes[x].templates.accountTwoFactorIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.

    themes[x].templates.accountWebAuthnAdd [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.

    themes[x].templates.accountWebAuthnDelete [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.

    themes[x].templates.accountWebAuthnIndex [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.

    themes[x].templates.emailComplete [String]

    A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.

    themes[x].templates.emailSent [String]

    A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    themes[x].templates.emailVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.

    themes[x].templates.emailVerify [String]

    A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    themes[x].templates.helpers [String]

    A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.

    themes[x].templates.index [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.

    themes[x].templates.oauth2Authorize [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.

    themes[x].templates.oauth2AuthorizedNotRegistered [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.

    themes[x].templates.oauth2ChildRegistrationNotAllowed [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.

    themes[x].templates.oauth2ChildRegistrationNotAllowedComplete [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.

    themes[x].templates.oauth2CompleteRegistration [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.

    themes[x].templates.oauth2Device [String] Since 1.11.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.

    themes[x].templates.oauth2DeviceComplete [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.

    themes[x].templates.oauth2Error [String]

    This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.

    themes[x].templates.oauth2Logout [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/logout path. This page is used if the user initiates an OAuth logout. This page causes the user to be logged out of all associated applications or just the initiating application, as configured, via a front-channel mechanism before being redirected.

    themes[x].templates.oauth2Passwordless [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.

    themes[x].templates.oauth2Register [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.

    themes[x].templates.oauth2StartIdPLink [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the linking strategy of the Identity Provider is set to create a pending link. The user is presented with the option to link their account with an existing FusionAuth user account or create a new FusionAuth user.

    themes[x].templates.oauth2TwoFactor [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled or two factor authentication is required and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.

    themes[x].templates.oauth2TwoFactorEnable [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable path. This page contains a form providing a user with the Oauth2 two-factor enable form

    themes[x].templates.oauth2TwoFactorEnableComplete [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable-complete path. This page contains a form providing a user with the Oauth2 two-factor enable complete form

    themes[x].templates.oauth2TwoFactorMethods [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.

    themes[x].templates.oauth2Wait [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.

    themes[x].templates.oauth2WebAuthn [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.

    themes[x].templates.oauth2WebAuthnReauth [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.

    themes[x].templates.oauth2WebAuthnReauthEnable [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.

    themes[x].templates.passwordChange [String]

    A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.

    themes[x].templates.passwordComplete [String]

    A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.

    themes[x].templates.passwordForgot [String]

    A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.

    themes[x].templates.passwordSent [String]

    A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.

    themes[x].templates.registrationComplete [String]

    A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.

    themes[x].templates.registrationSent [String]

    A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    themes[x].templates.registrationVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.

    themes[x].templates.registrationVerify [String]

    A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    themes[x].templates.samlv2Logout [String] Since 1.25.0

    A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.

    themes[x].templates.unauthorized [String] Since 1.30.0

    A FreeMarker template that is rendered when the user requests the /unauthorized path. This page is used if the user is not authorized to use the application or page. If you have advanced threat detection enabled, this page is generally made available to you.

    Example Response JSON
    
    {
      "themes": [
        {
          "data": {
            "addedBy": "richard"
          },
          "defaultMessages": "title=Login",
          "id": "64773453-bb11-457b-a3d6-7475ec2259d0",
          "insertInstant": 1564006815352,
          "lastUpdateInstant": 1564084258150,
          "localizedMessages": {
            "fr": "title=Identifiant",
            "es": "title=Iniciar sesión"
          },
          "name": "Orange Theme",
          "stylesheet": "h1 {\r\n  color: orange;\r\n  text-align: center;\r\n}",
          "templates": {
            "accountEdit": "[#ftl/]",
            "accountIndex": "[#ftl/]",
            "accountTwoFactorDisable": "[#ftl/]",
            "accountTwoFactorEnable": "[#ftl/]",
            "accountTwoFactorIndex": "[#ftl/]",
            "accountWebAuthnAdd": "[#ftl/]",
            "accountWebAuthnDelete": "[#ftl/]",
            "accountWebAuthnIndex": "[#ftl/]",
            "emailComplete": "[#ftl/]",
            "emailSent": "[#ftl/]",
            "emailVerificationRequired": "[#ftl/]",
            "emailVerify": "[#ftl/]",
            "helpers": "[#ftl/]",
            "index": "[#ftl/]",
            "oauth2Authorize": "[#ftl/]",
            "oauth2AuthorizedNotRegistered": "[#ftl/]",
            "oauth2ChildRegistrationNotAllowed": "[#ftl/]",
            "oauth2ChildRegistrationNotAllowedComplete": "[#ftl/]",
            "oauth2CompleteRegistration": "[#ftl/]",
            "oauth2Device": "[#ftl/]",
            "oauth2DeviceComplete": "[#ftl/]",
            "oauth2Error": "[#ftl/]",
            "oauth2Logout": "[#ftl/]",
            "oauth2Passwordless": "[#ftl/]",
            "oauth2Register": "[#ftl/]",
            "oauth2StartIdPLink": "[#ftl/]",
            "oauth2TwoFactor": "[#ftl/]",
            "oauth2TwoFactorEnable": "[#ftl/]",
            "oauth2TwoFactorEnableComplete": "[#ftl/]",
            "oauth2TwoFactorMethods": "[#ftl/]",
            "oauth2Wait": "[#ftl/]",
            "oauth2WebAuthn": "[#ftl/]",
            "oauth2WebAuthnReauth": "[#ftl/]",
            "oauth2WebAuthnReauthEnable": "[#ftl/]",
            "passwordChange": "[#ftl/]",
            "passwordComplete": "[#ftl/]",
            "passwordForgot": "[#ftl/]",
            "passwordSent": "[#ftl/]",
            "registrationComplete": "[#ftl/]",
            "registrationSent": "[#ftl/]",
            "registrationVerificationRequired": "[#ftl/]",
            "registrationVerify": "[#ftl/]",
            "samlv2Logout": "[#ftl/]",
            "unauthorized": "[#ftl/]"
          }
        },
        {
          "id": "75a068fd-e94b-451a-9aeb-3ddb9a3b5987",
          "insertInstant": 1563999505859,
          "lastUpdateInstant": 1564005677559,
          "name": "Default Theme"
        }
      ]
    }

    Search for Themes

    This API has been available since 1.45.0

    This API is used to search for Themes and may be called using the GET or POST HTTP methods. Examples of each are provided below. The POST method is provided to allow for a richer request object without worrying about exceeding the maximum length of a URL. Calling this API with either the GET or POST HTTP method will provide the same search results given the same query parameters.

    Request

    Search for Themes

    URI

    GET /api/theme/search?name={name}

    Request Parameters

    name [String] Optional

    The case-insensitive string to search for in the Theme name. This can contain wildcards using the asterisk character (*). If no wildcards are present, the search criteria will be interpreted as *value*.

    numberOfResults [Integer] Optional defaults to 25

    The number of results to return from the search.

    orderBy [String] Optional defaults to name ASC

    The database field to order the search results as well as an order direction.

    The possible values are:

    • id - the unique Id of the Theme

    • insertInstant - the instant when the Theme was created

    • name - the Theme name

    The order direction is optional. Possible values of the order direction are ASC or DESC. If omitted, the default sort order is ASC.

    For example, to order the results by the insert instant in a descending order, use insertInstant DESC.

    startRow [Integer] Optional defaults to 0

    The offset into the total results. In order to paginate the results, increment this value by the numberOfResults for subsequent requests.

    For example, if the total search results are greater than the page size designated by numberOfResults, set this value to 25 to retrieve results 26-50, assuming the default page size. :parameter_prefix!:

    Search for Themes

    URI

    POST /api/theme/search

    When calling the API using a POST request you will send the search criteria in a JSON request body.

    Request Body

    search.name [String] Optional

    The case-insensitive string to search for in the Theme name. This can contain wildcards using the asterisk character (*). If no wildcards are present, the search criteria will be interpreted as *value*.

    search.numberOfResults [Integer] Optional defaults to 25

    The number of results to return from the search.

    search.orderBy [String] Optional defaults to name ASC

    The database field to order the search results as well as an order direction.

    The possible values are:

    • id - the unique Id of the Theme

    • insertInstant - the instant when the Theme was created

    • name - the Theme name

    The order direction is optional. Possible values of the order direction are ASC or DESC. If omitted, the default sort order is ASC.

    For example, to order the results by the insert instant in a descending order, use insertInstant DESC.

    search.startRow [Integer] Optional defaults to 0

    The offset into the total results. In order to paginate the results, increment this value by the numberOfResults for subsequent requests.

    For example, if the total search results are greater than the page size designated by numberOfResults, set this value to 25 to retrieve results 26-50, assuming the default page size. :parameter_prefix!:

    Example JSON Request
    
    {
      "search": {
        "name": "Orange",
        "numberOfResults": 25,
        "orderBy": "insertInstant",
        "startRow": 0
      }
    }

    Response

    The response for this API contains the Themes matching the search criteria in paginated format.

    Table 3. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    Response Body

    themes [Array]

    The list of Theme objects.

    themes[x].data [Object]

    An object that can hold any information about the Theme that should be persisted.

    themes[x].defaultMessages [Integer]

    A properties file formatted String containing messages used within the templates.

    themes[x].id [UUID]

    The unique Id of the Theme.

    themes[x].insertInstant [Long]

    The instant that the theme was added to the FusionAuth database.

    themes[x].lastUpdateInstant [Long]

    The instant that the theme was last updated in the FusionAuth database.

    themes[x].localizedMessages [Map<Locale,String>]

    A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.

    themes[x].name [String]

    A unique name for the Theme.

    themes[x].stylesheet [String] Optional

    A CSS stylesheet used to style the templates.

    themes[x].templates.accountEdit [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.

    themes[x].templates.accountIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.

    themes[x].templates.accountTwoFactorDisable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.

    themes[x].templates.accountTwoFactorEnable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page displays recovery codes when a user enables multi-factor authentication for the first time.

    themes[x].templates.accountTwoFactorIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.

    themes[x].templates.accountWebAuthnAdd [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.

    themes[x].templates.accountWebAuthnDelete [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.

    themes[x].templates.accountWebAuthnIndex [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.

    themes[x].templates.emailComplete [String]

    A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.

    themes[x].templates.emailSent [String]

    A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    themes[x].templates.emailVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.

    themes[x].templates.emailVerify [String]

    A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    themes[x].templates.helpers [String]

    A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.

    themes[x].templates.index [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.

    themes[x].templates.oauth2Authorize [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.

    themes[x].templates.oauth2AuthorizedNotRegistered [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.

    themes[x].templates.oauth2ChildRegistrationNotAllowed [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.

    themes[x].templates.oauth2ChildRegistrationNotAllowedComplete [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.

    themes[x].templates.oauth2CompleteRegistration [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.

    themes[x].templates.oauth2Device [String] Since 1.11.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.

    themes[x].templates.oauth2DeviceComplete [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.

    themes[x].templates.oauth2Error [String]

    This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.

    themes[x].templates.oauth2Logout [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/logout path. This page is used if the user initiates an OAuth logout. This page causes the user to be logged out of all associated applications or just the initiating application, as configured, via a front-channel mechanism before being redirected.

    themes[x].templates.oauth2Passwordless [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.

    themes[x].templates.oauth2Register [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.

    themes[x].templates.oauth2StartIdPLink [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the linking strategy of the Identity Provider is set to create a pending link. The user is presented with the option to link their account with an existing FusionAuth user account or create a new FusionAuth user.

    themes[x].templates.oauth2TwoFactor [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled or two factor authentication is required and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.

    themes[x].templates.oauth2TwoFactorEnable [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable path. This page contains a form providing a user with the Oauth2 two-factor enable form

    themes[x].templates.oauth2TwoFactorEnableComplete [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable-complete path. This page contains a form providing a user with the Oauth2 two-factor enable complete form

    themes[x].templates.oauth2TwoFactorMethods [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.

    themes[x].templates.oauth2Wait [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.

    themes[x].templates.oauth2WebAuthn [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.

    themes[x].templates.oauth2WebAuthnReauth [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.

    themes[x].templates.oauth2WebAuthnReauthEnable [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.

    themes[x].templates.passwordChange [String]

    A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.

    themes[x].templates.passwordComplete [String]

    A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.

    themes[x].templates.passwordForgot [String]

    A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.

    themes[x].templates.passwordSent [String]

    A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.

    themes[x].templates.registrationComplete [String]

    A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.

    themes[x].templates.registrationSent [String]

    A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    themes[x].templates.registrationVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.

    themes[x].templates.registrationVerify [String]

    A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    themes[x].templates.samlv2Logout [String] Since 1.25.0

    A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.

    themes[x].templates.unauthorized [String] Since 1.30.0

    A FreeMarker template that is rendered when the user requests the /unauthorized path. This page is used if the user is not authorized to use the application or page. If you have advanced threat detection enabled, this page is generally made available to you.

    total [Integer]

    The total number of Themes matching the search criteria. Use this value along with the numberOfResults and startRow in the Search request to perform pagination.

    Example Response JSON for Theme Search
    
    {
      "themes": [
        {
          "data": {
            "addedBy": "richard"
          },
          "defaultMessages": "title=Login",
          "id": "64773453-bb11-457b-a3d6-7475ec2259d0",
          "insertInstant": 1564006815352,
          "lastUpdateInstant": 1564084258150,
          "localizedMessages": {
            "fr": "title=Identifiant",
            "es": "title=Iniciar sesión"
          },
          "name": "Orange Theme",
          "stylesheet": "h1 {\r\n  color: orange;\r\n  text-align: center;\r\n}",
          "templates": {
            "accountEdit": "[#ftl/]",
            "accountIndex": "[#ftl/]",
            "accountTwoFactorDisable": "[#ftl/]",
            "accountTwoFactorEnable": "[#ftl/]",
            "accountTwoFactorIndex": "[#ftl/]",
            "accountWebAuthnAdd": "[#ftl/]",
            "accountWebAuthnDelete": "[#ftl/]",
            "accountWebAuthnIndex": "[#ftl/]",
            "emailComplete": "[#ftl/]",
            "emailSent": "[#ftl/]",
            "emailVerificationRequired": "[#ftl/]",
            "emailVerify": "[#ftl/]",
            "helpers": "[#ftl/]",
            "index": "[#ftl/]",
            "oauth2Authorize": "[#ftl/]",
            "oauth2AuthorizedNotRegistered": "[#ftl/]",
            "oauth2ChildRegistrationNotAllowed": "[#ftl/]",
            "oauth2ChildRegistrationNotAllowedComplete": "[#ftl/]",
            "oauth2CompleteRegistration": "[#ftl/]",
            "oauth2Device": "[#ftl/]",
            "oauth2DeviceComplete": "[#ftl/]",
            "oauth2Error": "[#ftl/]",
            "oauth2Logout": "[#ftl/]",
            "oauth2Passwordless": "[#ftl/]",
            "oauth2Register": "[#ftl/]",
            "oauth2StartIdPLink": "[#ftl/]",
            "oauth2TwoFactor": "[#ftl/]",
            "oauth2TwoFactorEnable": "[#ftl/]",
            "oauth2TwoFactorEnableComplete": "[#ftl/]",
            "oauth2TwoFactorMethods": "[#ftl/]",
            "oauth2Wait": "[#ftl/]",
            "oauth2WebAuthn": "[#ftl/]",
            "oauth2WebAuthnReauth": "[#ftl/]",
            "oauth2WebAuthnReauthEnable": "[#ftl/]",
            "passwordChange": "[#ftl/]",
            "passwordComplete": "[#ftl/]",
            "passwordForgot": "[#ftl/]",
            "passwordSent": "[#ftl/]",
            "registrationComplete": "[#ftl/]",
            "registrationSent": "[#ftl/]",
            "registrationVerificationRequired": "[#ftl/]",
            "registrationVerify": "[#ftl/]",
            "samlv2Logout": "[#ftl/]",
            "unauthorized": "[#ftl/]"
          }
        }
      ],
      "total": 1
    }

    Update a Theme

    This API is used to update an existing Theme.

    You must specify the Id of the Theme you are updating on the URI.

    You must specify all of the properties of the Theme when calling this API with the PUT HTTP method. When used with PUT, this API doesn’t merge the existing Theme and your new data. It replaces the existing Theme with your new data.

    Utilize the PATCH HTTP method to send specific changes to merge into an existing Theme.

    Request

    Update the Theme with the given Id

    URI

    PUT /api/theme/{themeId}

    PATCH /api/theme/{themeId}

    Available since 1.39.0

    When using the PATCH method, you can either use the same request body documentation that is provided for the PUT request for backward compatibility. Or you may use either JSON Patch/RFC 6902 or JSON Merge Patch/RFC 7396. See the PATCH documentation for more information.

    Available since 1.12.0

    When using the PATCH method, use the same request body documentation that is provided for the PUT request. The PATCH method will merge the provided request parameters into the existing object, this means all parameters are optional when using the PATCH method and you only provide the values you want changed. A null value can be used to remove a value. Patching an Array will result in all values from the new list being appended to the existing list, this is a known limitation to the current implementation of PATCH.

     

    Request Parameters

    themeId [UUID] Required

    The unique Id of the Theme to update.

    Request Body

    theme.data [Object] Optional

    An object that can hold any information about the Theme that should be persisted.

    theme.defaultMessages [String] Required

    A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file. Required if not copying an existing Theme.

    theme.localizedMessages [Map<Locale,String>] Optional

    A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.

    theme.name [String] Required

    A unique name for the Theme.

    theme.stylesheet [String] Optional

    A CSS stylesheet used to style the templates.

    theme.templates.accountEdit [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.

    theme.templates.accountIndex [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.

    theme.templates.accountTwoFactorDisable [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.

    theme.templates.accountTwoFactorEnable [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page displays recovery codes when a user enables multi-factor authentication for the first time.

    theme.templates.accountTwoFactorIndex [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.

    theme.templates.accountWebAuthnAdd [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.

    theme.templates.accountWebAuthnDelete [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.

    theme.templates.accountWebAuthnIndex [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.

    theme.templates.emailComplete [String] Optional

    A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.emailSent [String] Optional

    A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.emailVerificationRequired [String] Since 1.27.0 Optional

    A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.

    theme.templates.emailVerify [String] Optional

    A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.helpers [String] Optional

    A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.

    theme.templates.index [String] Since 1.27.0 Optional

    A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.

    theme.templates.oauth2Authorize [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.

    theme.templates.oauth2AuthorizedNotRegistered [String] Since 1.28.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.

    theme.templates.oauth2ChildRegistrationNotAllowed [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.

    theme.templates.oauth2ChildRegistrationNotAllowedComplete [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.

    theme.templates.oauth2CompleteRegistration [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.

    theme.templates.oauth2Device [String] Since 1.11.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.

    theme.templates.oauth2DeviceComplete [String] Since 1.12.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.

    theme.templates.oauth2Error [String] Optional

    This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.

    theme.templates.oauth2Logout [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/logout path. This page is used if the user initiates an OAuth logout. This page causes the user to be logged out of all associated applications or just the initiating application, as configured, via a front-channel mechanism before being redirected.

    theme.templates.oauth2Passwordless [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.

    theme.templates.oauth2Register [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.

    theme.templates.oauth2StartIdPLink [String] Since 1.28.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the linking strategy of the Identity Provider is set to create a pending link. The user is presented with the option to link their account with an existing FusionAuth user account or create a new FusionAuth user.

    theme.templates.oauth2TwoFactor [String] Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled or two factor authentication is required and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.

    theme.templates.oauth2TwoFactorEnable [String] Since 1.42.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable path. This page contains a form providing a user with the Oauth2 two-factor enable form

    theme.templates.oauth2TwoFactorEnableComplete [String] Since 1.42.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable-complete path. This page contains a form providing a user with the Oauth2 two-factor enable complete form

    theme.templates.oauth2TwoFactorMethods [String] Since 1.26.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.

    theme.templates.oauth2Wait [String] Since 1.12.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.

    theme.templates.oauth2WebAuthn [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.

    theme.templates.oauth2WebAuthnReauth [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.

    theme.templates.oauth2WebAuthnReauthEnable [String] Since 1.41.0 Optional

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.

    theme.templates.passwordChange [String] Optional

    A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.

    theme.templates.passwordComplete [String] Optional

    A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.

    theme.templates.passwordForgot [String] Optional

    A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.

    theme.templates.passwordSent [String] Optional

    A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.

    theme.templates.registrationComplete [String] Optional

    A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.registrationSent [String] Optional

    A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.registrationVerificationRequired [String] Since 1.27.0 Optional

    A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.

    theme.templates.registrationVerify [String] Optional

    A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.samlv2Logout [String] Since 1.25.0 Optional

    A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.

    theme.templates.unauthorized [String] Since 1.30.0 Optional

    A FreeMarker template that is rendered when the user requests the /unauthorized path. This page is used if the user is not authorized to use the application or page. If you have advanced threat detection enabled, this page is generally made available to you.

    Example Request JSON
    
    {
      "theme": {
        "data": {
          "addedBy": "richard"
        },
        "defaultMessages": "title=Login",
        "localizedMessages": {
          "fr": "title=Identifiant",
          "es": "title=Iniciar sesión"
        },
        "name": "Orange Theme",
        "templates": {
          "accountEdit": "[#ftl/]",
          "accountIndex": "[#ftl/]",
          "accountTwoFactorDisable": "[#ftl/]",
          "accountTwoFactorEnable": "[#ftl/]",
          "accountTwoFactorIndex": "[#ftl/]",
          "accountWebAuthnAdd": "[#ftl/]",
          "accountWebAuthnDelete": "[#ftl/]",
          "accountWebAuthnIndex": "[#ftl/]",
          "emailComplete": "[#ftl/]",
          "emailSent": "[#ftl/]",
          "emailVerificationRequired": "[#ftl/]",
          "emailVerify": "[#ftl/]",
          "helpers": "[#ftl/]",
          "index": "[#ftl/]",
          "oauth2Authorize": "[#ftl/]",
          "oauth2AuthorizedNotRegistered": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowed": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowedComplete": "[#ftl/]",
          "oauth2CompleteRegistration": "[#ftl/]",
          "oauth2Device": "[#ftl/]",
          "oauth2DeviceComplete": "[#ftl/]",
          "oauth2Error": "[#ftl/]",
          "oauth2Logout": "[#ftl/]",
          "oauth2Passwordless": "[#ftl/]",
          "oauth2Register": "[#ftl/]",
          "oauth2StartIdPLink": "[#ftl/]",
          "oauth2TwoFactor": "[#ftl/]",
          "oauth2TwoFactorEnable": "[#ftl/]",
          "oauth2TwoFactorEnableComplete": "[#ftl/]",
          "oauth2TwoFactorMethods": "[#ftl/]",
          "oauth2Wait": "[#ftl/]",
          "oauth2WebAuthn": "[#ftl/]",
          "oauth2WebAuthnReauth": "[#ftl/]",
          "oauth2WebAuthnReauthEnable": "[#ftl/]",
          "passwordChange": "[#ftl/]",
          "passwordComplete": "[#ftl/]",
          "passwordForgot": "[#ftl/]",
          "passwordSent": "[#ftl/]",
          "registrationComplete": "[#ftl/]",
          "registrationSent": "[#ftl/]",
          "registrationVerificationRequired": "[#ftl/]",
          "registrationVerify": "[#ftl/]",
          "samlv2Logout": "[#ftl/]",
          "unauthorized": "[#ftl/]"
        }
      }
    }

    Response

    The response for this API contains the Theme that was updated.

    Table 4. Response Codes
    Code Description

    200

    The request was successful. The response will contain a JSON body.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you are trying to update doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Response Body

    theme.data [Object]

    An object that can hold any information about the Theme that should be persisted.

    theme.defaultMessages [String]

    A properties file formatted String containing messages used within the templates.

    theme.id [UUID]

    The unique Id of the Theme.

    theme.insertInstant [Long]

    The instant that the theme was added to the FusionAuth database.

    theme.lastUpdateInstant [Long]

    The instant that the theme was last updated in the FusionAuth database.

    theme.localizedMessages [Map<Locale,String>]

    A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.

    theme.name [String]

    A unique name for the Theme.

    theme.stylesheet [String]

    A CSS stylesheet used to style the templates.

    theme.templates.accountEdit [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.

    theme.templates.accountIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.

    theme.templates.accountTwoFactorDisable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.

    theme.templates.accountTwoFactorEnable [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page displays recovery codes when a user enables multi-factor authentication for the first time.

    theme.templates.accountTwoFactorIndex [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.

    theme.templates.accountWebAuthnAdd [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.

    theme.templates.accountWebAuthnDelete [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.

    theme.templates.accountWebAuthnIndex [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.

    theme.templates.emailComplete [String]

    A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.emailSent [String]

    A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.emailVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.

    theme.templates.emailVerify [String]

    A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.helpers [String]

    A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.

    theme.templates.index [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.

    theme.templates.oauth2Authorize [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.

    theme.templates.oauth2AuthorizedNotRegistered [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.

    theme.templates.oauth2ChildRegistrationNotAllowed [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.

    theme.templates.oauth2ChildRegistrationNotAllowedComplete [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.

    theme.templates.oauth2CompleteRegistration [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.

    theme.templates.oauth2Device [String] Since 1.11.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.

    theme.templates.oauth2DeviceComplete [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.

    theme.templates.oauth2Error [String]

    This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.

    theme.templates.oauth2Logout [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/logout path. This page is used if the user initiates an OAuth logout. This page causes the user to be logged out of all associated applications or just the initiating application, as configured, via a front-channel mechanism before being redirected.

    theme.templates.oauth2Passwordless [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.

    theme.templates.oauth2Register [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.

    theme.templates.oauth2StartIdPLink [String] Since 1.28.0

    A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the linking strategy of the Identity Provider is set to create a pending link. The user is presented with the option to link their account with an existing FusionAuth user account or create a new FusionAuth user.

    theme.templates.oauth2TwoFactor [String]

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled or two factor authentication is required and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.

    theme.templates.oauth2TwoFactorEnable [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable path. This page contains a form providing a user with the Oauth2 two-factor enable form

    theme.templates.oauth2TwoFactorEnableComplete [String] Since 1.42.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-enable-complete path. This page contains a form providing a user with the Oauth2 two-factor enable complete form

    theme.templates.oauth2TwoFactorMethods [String] Since 1.26.0

    A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.

    theme.templates.oauth2Wait [String] Since 1.12.0

    A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.

    theme.templates.oauth2WebAuthn [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.

    theme.templates.oauth2WebAuthnReauth [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.

    theme.templates.oauth2WebAuthnReauthEnable [String] Since 1.41.0

    A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.

    theme.templates.passwordChange [String]

    A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.

    theme.templates.passwordComplete [String]

    A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.

    theme.templates.passwordForgot [String]

    A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.

    theme.templates.passwordSent [String]

    A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.

    theme.templates.registrationComplete [String]

    A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.

    theme.templates.registrationSent [String]

    A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.

    theme.templates.registrationVerificationRequired [String] Since 1.27.0

    A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.

    theme.templates.registrationVerify [String]

    A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.

    theme.templates.samlv2Logout [String] Since 1.25.0

    A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.

    theme.templates.unauthorized [String] Since 1.30.0

    A FreeMarker template that is rendered when the user requests the /unauthorized path. This page is used if the user is not authorized to use the application or page. If you have advanced threat detection enabled, this page is generally made available to you.

    Example Response JSON
    
    {
      "theme": {
        "data": {
          "addedBy": "richard"
        },
        "defaultMessages": "title=Login",
        "id": "64773453-bb11-457b-a3d6-7475ec2259d0",
        "insertInstant": 1564006815352,
        "lastUpdateInstant": 1564084258150,
        "localizedMessages": {
          "fr": "title=Identifiant",
          "es": "title=Iniciar sesión"
        },
        "name": "Orange Theme",
        "stylesheet": "h1 {\r\n  color: orange;\r\n  text-align: center;\r\n}",
        "templates": {
          "accountEdit": "[#ftl/]",
          "accountIndex": "[#ftl/]",
          "accountTwoFactorDisable": "[#ftl/]",
          "accountTwoFactorEnable": "[#ftl/]",
          "accountTwoFactorIndex": "[#ftl/]",
          "accountWebAuthnAdd": "[#ftl/]",
          "accountWebAuthnDelete": "[#ftl/]",
          "accountWebAuthnIndex": "[#ftl/]",
          "emailComplete": "[#ftl/]",
          "emailSent": "[#ftl/]",
          "emailVerificationRequired": "[#ftl/]",
          "emailVerify": "[#ftl/]",
          "helpers": "[#ftl/]",
          "index": "[#ftl/]",
          "oauth2Authorize": "[#ftl/]",
          "oauth2AuthorizedNotRegistered": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowed": "[#ftl/]",
          "oauth2ChildRegistrationNotAllowedComplete": "[#ftl/]",
          "oauth2CompleteRegistration": "[#ftl/]",
          "oauth2Device": "[#ftl/]",
          "oauth2DeviceComplete": "[#ftl/]",
          "oauth2Error": "[#ftl/]",
          "oauth2Logout": "[#ftl/]",
          "oauth2Passwordless": "[#ftl/]",
          "oauth2Register": "[#ftl/]",
          "oauth2StartIdPLink": "[#ftl/]",
          "oauth2TwoFactor": "[#ftl/]",
          "oauth2TwoFactorEnable": "[#ftl/]",
          "oauth2TwoFactorEnableComplete": "[#ftl/]",
          "oauth2TwoFactorMethods": "[#ftl/]",
          "oauth2Wait": "[#ftl/]",
          "oauth2WebAuthn": "[#ftl/]",
          "oauth2WebAuthnReauth": "[#ftl/]",
          "oauth2WebAuthnReauthEnable": "[#ftl/]",
          "passwordChange": "[#ftl/]",
          "passwordComplete": "[#ftl/]",
          "passwordForgot": "[#ftl/]",
          "passwordSent": "[#ftl/]",
          "registrationComplete": "[#ftl/]",
          "registrationSent": "[#ftl/]",
          "registrationVerificationRequired": "[#ftl/]",
          "registrationVerify": "[#ftl/]",
          "samlv2Logout": "[#ftl/]",
          "unauthorized": "[#ftl/]"
        }
      }
    }

    Delete a Theme

    This API is used to permanently delete a Theme.

    Request

    Delete a Theme by Id

    URI

    DELETE /api/theme/{themeId}

    Request Parameters

    themeId [UUID] Required

    The unique Id of the Theme to delete.

    Response

    This API does not return a JSON response body.

    Table 5. Response Codes
    Code Description

    200

    The request was successful. The response will be empty.

    400

    The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.

    401

    You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.

    404

    The object you are trying to delete doesn’t exist. The response will be empty.

    500

    There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

    503

    The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

    Feedback

    How helpful was this page?

    See a problem?

    File an issue in our docs repo

    Have a question or comment to share?

    Visit the FusionAuth community forum.

    © 2023 FusionAuth
    How-to
    Blog
    Expert Advice
    Download
    Release Notes
    Subscribe for developer updates