FusionAuth v5.1.0, Oct 22 24

FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity

fusionauth.FusionAuthTheme

Explore with Pulumi AI

FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity

# Theme Resource

UI login themes can be configured to enable custom branding for your FusionAuth login workflow. Themes are configured per Tenant or optionally by Application.

Themes API

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fusionauth from "pulumi-fusionauth";

const mytheme = new fusionauth.FusionAuthTheme("mytheme", {
    accountEdit: "[#ftl/]",
    accountIndex: "[#ftl/]",
    accountTwoFactorDisable: "[#ftl/]",
    accountTwoFactorEnable: "[#ftl/]",
    accountTwoFactorIndex: "[#ftl/]",
    accountWebauthnAdd: "[#ftl/]",
    accountWebauthnDelete: "[#ftl/]",
    accountWebauthnIndex: "[#ftl/]",
    confirmationRequired: "[#ftl/]",
    defaultMessages: "[#ftl/]",
    emailComplete: "[#ftl/]",
    emailSend: "[#ftl/]",
    emailSent: "[#ftl/]",
    emailVerificationRequired: "[#ftl/]",
    emailVerify: "[#ftl/]",
    helpers: "[#ftl/]",
    index: "[#ftl/]",
    oauth2Authorize: "[#ftl/]",
    oauth2AuthorizedNotRegistered: "[#ftl/]",
    oauth2ChildRegistrationNotAllowed: "[#ftl/]",
    oauth2ChildRegistrationNotAllowedComplete: "[#ftl/]",
    oauth2CompleteRegistration: "[#ftl/]",
    oauth2Consent: "[#ftl/]",
    oauth2Device: "[#ftl/]",
    oauth2DeviceComplete: "[#ftl/]",
    oauth2Error: "[#ftl/]",
    oauth2Logout: "[#ftl/]",
    oauth2Passwordless: "[#ftl/]",
    oauth2Register: "[#ftl/]",
    oauth2StartIdpLink: "[#ftl/]",
    oauth2TwoFactor: "[#ftl/]",
    oauth2TwoFactorEnable: "[#ftl/]",
    oauth2TwoFactorEnableComplete: "[#ftl/]",
    oauth2TwoFactorMethods: "[#ftl/]",
    oauth2Wait: "[#ftl/]",
    oauth2Webauthn: "[#ftl/]",
    oauth2WebauthnReauth: "[#ftl/]",
    oauth2WebauthnReauthEnable: "[#ftl/]",
    passwordChange: "[#ftl/]",
    passwordComplete: "[#ftl/]",
    passwordForgot: "[#ftl/]",
    passwordSent: "[#ftl/]",
    registrationComplete: "[#ftl/]",
    registrationSend: "[#ftl/]",
    registrationSent: "[#ftl/]",
    registrationVerificationRequired: "[#ftl/]",
    registrationVerify: "[#ftl/]",
    samlv2Logout: "[#ftl/]",
    stylesheet: "/* stylish */",
    unauthorized: "[#ftl/]",
});

import pulumi
import theogravity_pulumi_fusionauth as fusionauth

mytheme = fusionauth.FusionAuthTheme("mytheme",
    account_edit="[#ftl/]",
    account_index="[#ftl/]",
    account_two_factor_disable="[#ftl/]",
    account_two_factor_enable="[#ftl/]",
    account_two_factor_index="[#ftl/]",
    account_webauthn_add="[#ftl/]",
    account_webauthn_delete="[#ftl/]",
    account_webauthn_index="[#ftl/]",
    confirmation_required="[#ftl/]",
    default_messages="[#ftl/]",
    email_complete="[#ftl/]",
    email_send="[#ftl/]",
    email_sent="[#ftl/]",
    email_verification_required="[#ftl/]",
    email_verify="[#ftl/]",
    helpers="[#ftl/]",
    index="[#ftl/]",
    oauth2_authorize="[#ftl/]",
    oauth2_authorized_not_registered="[#ftl/]",
    oauth2_child_registration_not_allowed="[#ftl/]",
    oauth2_child_registration_not_allowed_complete="[#ftl/]",
    oauth2_complete_registration="[#ftl/]",
    oauth2_consent="[#ftl/]",
    oauth2_device="[#ftl/]",
    oauth2_device_complete="[#ftl/]",
    oauth2_error="[#ftl/]",
    oauth2_logout="[#ftl/]",
    oauth2_passwordless="[#ftl/]",
    oauth2_register="[#ftl/]",
    oauth2_start_idp_link="[#ftl/]",
    oauth2_two_factor="[#ftl/]",
    oauth2_two_factor_enable="[#ftl/]",
    oauth2_two_factor_enable_complete="[#ftl/]",
    oauth2_two_factor_methods="[#ftl/]",
    oauth2_wait="[#ftl/]",
    oauth2_webauthn="[#ftl/]",
    oauth2_webauthn_reauth="[#ftl/]",
    oauth2_webauthn_reauth_enable="[#ftl/]",
    password_change="[#ftl/]",
    password_complete="[#ftl/]",
    password_forgot="[#ftl/]",
    password_sent="[#ftl/]",
    registration_complete="[#ftl/]",
    registration_send="[#ftl/]",
    registration_sent="[#ftl/]",
    registration_verification_required="[#ftl/]",
    registration_verify="[#ftl/]",
    samlv2_logout="[#ftl/]",
    stylesheet="/* stylish */",
    unauthorized="[#ftl/]")

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/theogravity/pulumi-fusionauth/sdk/go/fusionauth"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fusionauth.NewFusionAuthTheme(ctx, "mytheme", &fusionauth.FusionAuthThemeArgs{
			AccountEdit:                       pulumi.String("[#ftl/]"),
			AccountIndex:                      pulumi.String("[#ftl/]"),
			AccountTwoFactorDisable:           pulumi.String("[#ftl/]"),
			AccountTwoFactorEnable:            pulumi.String("[#ftl/]"),
			AccountTwoFactorIndex:             pulumi.String("[#ftl/]"),
			AccountWebauthnAdd:                pulumi.String("[#ftl/]"),
			AccountWebauthnDelete:             pulumi.String("[#ftl/]"),
			AccountWebauthnIndex:              pulumi.String("[#ftl/]"),
			ConfirmationRequired:              pulumi.String("[#ftl/]"),
			DefaultMessages:                   pulumi.String("[#ftl/]"),
			EmailComplete:                     pulumi.String("[#ftl/]"),
			EmailSend:                         pulumi.String("[#ftl/]"),
			EmailSent:                         pulumi.String("[#ftl/]"),
			EmailVerificationRequired:         pulumi.String("[#ftl/]"),
			EmailVerify:                       pulumi.String("[#ftl/]"),
			Helpers:                           pulumi.String("[#ftl/]"),
			Index:                             pulumi.String("[#ftl/]"),
			Oauth2Authorize:                   pulumi.String("[#ftl/]"),
			Oauth2AuthorizedNotRegistered:     pulumi.String("[#ftl/]"),
			Oauth2ChildRegistrationNotAllowed: pulumi.String("[#ftl/]"),
			Oauth2ChildRegistrationNotAllowedComplete: pulumi.String("[#ftl/]"),
			Oauth2CompleteRegistration:                pulumi.String("[#ftl/]"),
			Oauth2Consent:                             pulumi.String("[#ftl/]"),
			Oauth2Device:                              pulumi.String("[#ftl/]"),
			Oauth2DeviceComplete:                      pulumi.String("[#ftl/]"),
			Oauth2Error:                               pulumi.String("[#ftl/]"),
			Oauth2Logout:                              pulumi.String("[#ftl/]"),
			Oauth2Passwordless:                        pulumi.String("[#ftl/]"),
			Oauth2Register:                            pulumi.String("[#ftl/]"),
			Oauth2StartIdpLink:                        pulumi.String("[#ftl/]"),
			Oauth2TwoFactor:                           pulumi.String("[#ftl/]"),
			Oauth2TwoFactorEnable:                     pulumi.String("[#ftl/]"),
			Oauth2TwoFactorEnableComplete:             pulumi.String("[#ftl/]"),
			Oauth2TwoFactorMethods:                    pulumi.String("[#ftl/]"),
			Oauth2Wait:                                pulumi.String("[#ftl/]"),
			Oauth2Webauthn:                            pulumi.String("[#ftl/]"),
			Oauth2WebauthnReauth:                      pulumi.String("[#ftl/]"),
			Oauth2WebauthnReauthEnable:                pulumi.String("[#ftl/]"),
			PasswordChange:                            pulumi.String("[#ftl/]"),
			PasswordComplete:                          pulumi.String("[#ftl/]"),
			PasswordForgot:                            pulumi.String("[#ftl/]"),
			PasswordSent:                              pulumi.String("[#ftl/]"),
			RegistrationComplete:                      pulumi.String("[#ftl/]"),
			RegistrationSend:                          pulumi.String("[#ftl/]"),
			RegistrationSent:                          pulumi.String("[#ftl/]"),
			RegistrationVerificationRequired:          pulumi.String("[#ftl/]"),
			RegistrationVerify:                        pulumi.String("[#ftl/]"),
			Samlv2Logout:                              pulumi.String("[#ftl/]"),
			Stylesheet:                                pulumi.String("/* stylish */"),
			Unauthorized:                              pulumi.String("[#ftl/]"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fusionauth = theogravity.Fusionauth;

return await Deployment.RunAsync(() => 
{
    var mytheme = new Fusionauth.FusionAuthTheme("mytheme", new()
    {
        AccountEdit = "[#ftl/]",
        AccountIndex = "[#ftl/]",
        AccountTwoFactorDisable = "[#ftl/]",
        AccountTwoFactorEnable = "[#ftl/]",
        AccountTwoFactorIndex = "[#ftl/]",
        AccountWebauthnAdd = "[#ftl/]",
        AccountWebauthnDelete = "[#ftl/]",
        AccountWebauthnIndex = "[#ftl/]",
        ConfirmationRequired = "[#ftl/]",
        DefaultMessages = "[#ftl/]",
        EmailComplete = "[#ftl/]",
        EmailSend = "[#ftl/]",
        EmailSent = "[#ftl/]",
        EmailVerificationRequired = "[#ftl/]",
        EmailVerify = "[#ftl/]",
        Helpers = "[#ftl/]",
        Index = "[#ftl/]",
        Oauth2Authorize = "[#ftl/]",
        Oauth2AuthorizedNotRegistered = "[#ftl/]",
        Oauth2ChildRegistrationNotAllowed = "[#ftl/]",
        Oauth2ChildRegistrationNotAllowedComplete = "[#ftl/]",
        Oauth2CompleteRegistration = "[#ftl/]",
        Oauth2Consent = "[#ftl/]",
        Oauth2Device = "[#ftl/]",
        Oauth2DeviceComplete = "[#ftl/]",
        Oauth2Error = "[#ftl/]",
        Oauth2Logout = "[#ftl/]",
        Oauth2Passwordless = "[#ftl/]",
        Oauth2Register = "[#ftl/]",
        Oauth2StartIdpLink = "[#ftl/]",
        Oauth2TwoFactor = "[#ftl/]",
        Oauth2TwoFactorEnable = "[#ftl/]",
        Oauth2TwoFactorEnableComplete = "[#ftl/]",
        Oauth2TwoFactorMethods = "[#ftl/]",
        Oauth2Wait = "[#ftl/]",
        Oauth2Webauthn = "[#ftl/]",
        Oauth2WebauthnReauth = "[#ftl/]",
        Oauth2WebauthnReauthEnable = "[#ftl/]",
        PasswordChange = "[#ftl/]",
        PasswordComplete = "[#ftl/]",
        PasswordForgot = "[#ftl/]",
        PasswordSent = "[#ftl/]",
        RegistrationComplete = "[#ftl/]",
        RegistrationSend = "[#ftl/]",
        RegistrationSent = "[#ftl/]",
        RegistrationVerificationRequired = "[#ftl/]",
        RegistrationVerify = "[#ftl/]",
        Samlv2Logout = "[#ftl/]",
        Stylesheet = "/* stylish */",
        Unauthorized = "[#ftl/]",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fusionauth.FusionAuthTheme;
import com.pulumi.fusionauth.FusionAuthThemeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var mytheme = new FusionAuthTheme("mytheme", FusionAuthThemeArgs.builder()
            .accountEdit("[#ftl/]")
            .accountIndex("[#ftl/]")
            .accountTwoFactorDisable("[#ftl/]")
            .accountTwoFactorEnable("[#ftl/]")
            .accountTwoFactorIndex("[#ftl/]")
            .accountWebauthnAdd("[#ftl/]")
            .accountWebauthnDelete("[#ftl/]")
            .accountWebauthnIndex("[#ftl/]")
            .confirmationRequired("[#ftl/]")
            .defaultMessages("[#ftl/]")
            .emailComplete("[#ftl/]")
            .emailSend("[#ftl/]")
            .emailSent("[#ftl/]")
            .emailVerificationRequired("[#ftl/]")
            .emailVerify("[#ftl/]")
            .helpers("[#ftl/]")
            .index("[#ftl/]")
            .oauth2Authorize("[#ftl/]")
            .oauth2AuthorizedNotRegistered("[#ftl/]")
            .oauth2ChildRegistrationNotAllowed("[#ftl/]")
            .oauth2ChildRegistrationNotAllowedComplete("[#ftl/]")
            .oauth2CompleteRegistration("[#ftl/]")
            .oauth2Consent("[#ftl/]")
            .oauth2Device("[#ftl/]")
            .oauth2DeviceComplete("[#ftl/]")
            .oauth2Error("[#ftl/]")
            .oauth2Logout("[#ftl/]")
            .oauth2Passwordless("[#ftl/]")
            .oauth2Register("[#ftl/]")
            .oauth2StartIdpLink("[#ftl/]")
            .oauth2TwoFactor("[#ftl/]")
            .oauth2TwoFactorEnable("[#ftl/]")
            .oauth2TwoFactorEnableComplete("[#ftl/]")
            .oauth2TwoFactorMethods("[#ftl/]")
            .oauth2Wait("[#ftl/]")
            .oauth2Webauthn("[#ftl/]")
            .oauth2WebauthnReauth("[#ftl/]")
            .oauth2WebauthnReauthEnable("[#ftl/]")
            .passwordChange("[#ftl/]")
            .passwordComplete("[#ftl/]")
            .passwordForgot("[#ftl/]")
            .passwordSent("[#ftl/]")
            .registrationComplete("[#ftl/]")
            .registrationSend("[#ftl/]")
            .registrationSent("[#ftl/]")
            .registrationVerificationRequired("[#ftl/]")
            .registrationVerify("[#ftl/]")
            .samlv2Logout("[#ftl/]")
            .stylesheet("/* stylish */")
            .unauthorized("[#ftl/]")
            .build());

    }
}

resources:
  mytheme:
    type: fusionauth:FusionAuthTheme
    properties:
      accountEdit: '[#ftl/]'
      accountIndex: '[#ftl/]'
      accountTwoFactorDisable: '[#ftl/]'
      accountTwoFactorEnable: '[#ftl/]'
      accountTwoFactorIndex: '[#ftl/]'
      accountWebauthnAdd: '[#ftl/]'
      accountWebauthnDelete: '[#ftl/]'
      accountWebauthnIndex: '[#ftl/]'
      confirmationRequired: '[#ftl/]'
      defaultMessages: '[#ftl/]'
      emailComplete: '[#ftl/]'
      # Deprecated Properties
      emailSend: '[#ftl/]'
      emailSent: '[#ftl/]'
      emailVerificationRequired: '[#ftl/]'
      emailVerify: '[#ftl/]'
      helpers: '[#ftl/]'
      index: '[#ftl/]'
      oauth2Authorize: '[#ftl/]'
      oauth2AuthorizedNotRegistered: '[#ftl/]'
      oauth2ChildRegistrationNotAllowed: '[#ftl/]'
      oauth2ChildRegistrationNotAllowedComplete: '[#ftl/]'
      oauth2CompleteRegistration: '[#ftl/]'
      oauth2Consent: '[#ftl/]'
      oauth2Device: '[#ftl/]'
      oauth2DeviceComplete: '[#ftl/]'
      oauth2Error: '[#ftl/]'
      oauth2Logout: '[#ftl/]'
      oauth2Passwordless: '[#ftl/]'
      oauth2Register: '[#ftl/]'
      oauth2StartIdpLink: '[#ftl/]'
      oauth2TwoFactor: '[#ftl/]'
      oauth2TwoFactorEnable: '[#ftl/]'
      oauth2TwoFactorEnableComplete: '[#ftl/]'
      oauth2TwoFactorMethods: '[#ftl/]'
      oauth2Wait: '[#ftl/]'
      oauth2Webauthn: '[#ftl/]'
      oauth2WebauthnReauth: '[#ftl/]'
      oauth2WebauthnReauthEnable: '[#ftl/]'
      passwordChange: '[#ftl/]'
      passwordComplete: '[#ftl/]'
      passwordForgot: '[#ftl/]'
      passwordSent: '[#ftl/]'
      registrationComplete: '[#ftl/]'
      registrationSend: '[#ftl/]'
      registrationSent: '[#ftl/]'
      registrationVerificationRequired: '[#ftl/]'
      registrationVerify: '[#ftl/]'
      samlv2Logout: '[#ftl/]'
      stylesheet: /* stylish */
      unauthorized: '[#ftl/]'

Create FusionAuthTheme Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new FusionAuthTheme(name: string, args?: FusionAuthThemeArgs, opts?: CustomResourceOptions);

@overload
def FusionAuthTheme(resource_name: str,
                    args: Optional[FusionAuthThemeArgs] = None,
                    opts: Optional[ResourceOptions] = None)

@overload
def FusionAuthTheme(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    account_edit: Optional[str] = None,
                    account_index: Optional[str] = None,
                    account_two_factor_disable: Optional[str] = None,
                    account_two_factor_enable: Optional[str] = None,
                    account_two_factor_index: Optional[str] = None,
                    account_webauthn_add: Optional[str] = None,
                    account_webauthn_delete: Optional[str] = None,
                    account_webauthn_index: Optional[str] = None,
                    confirmation_required: Optional[str] = None,
                    default_messages: Optional[str] = None,
                    email_complete: Optional[str] = None,
                    email_send: Optional[str] = None,
                    email_sent: Optional[str] = None,
                    email_verification_required: Optional[str] = None,
                    email_verify: Optional[str] = None,
                    helpers: Optional[str] = None,
                    index: Optional[str] = None,
                    localized_messages: Optional[Mapping[str, Any]] = None,
                    name: Optional[str] = None,
                    oauth2_authorize: Optional[str] = None,
                    oauth2_authorized_not_registered: Optional[str] = None,
                    oauth2_child_registration_not_allowed: Optional[str] = None,
                    oauth2_child_registration_not_allowed_complete: Optional[str] = None,
                    oauth2_complete_registration: Optional[str] = None,
                    oauth2_consent: Optional[str] = None,
                    oauth2_device: Optional[str] = None,
                    oauth2_device_complete: Optional[str] = None,
                    oauth2_error: Optional[str] = None,
                    oauth2_logout: Optional[str] = None,
                    oauth2_passwordless: Optional[str] = None,
                    oauth2_register: Optional[str] = None,
                    oauth2_start_idp_link: Optional[str] = None,
                    oauth2_two_factor: Optional[str] = None,
                    oauth2_two_factor_enable: Optional[str] = None,
                    oauth2_two_factor_enable_complete: Optional[str] = None,
                    oauth2_two_factor_methods: Optional[str] = None,
                    oauth2_wait: Optional[str] = None,
                    oauth2_webauthn: Optional[str] = None,
                    oauth2_webauthn_reauth: Optional[str] = None,
                    oauth2_webauthn_reauth_enable: Optional[str] = None,
                    password_change: Optional[str] = None,
                    password_complete: Optional[str] = None,
                    password_forgot: Optional[str] = None,
                    password_sent: Optional[str] = None,
                    registration_complete: Optional[str] = None,
                    registration_send: Optional[str] = None,
                    registration_sent: Optional[str] = None,
                    registration_verification_required: Optional[str] = None,
                    registration_verify: Optional[str] = None,
                    samlv2_logout: Optional[str] = None,
                    source_theme_id: Optional[str] = None,
                    stylesheet: Optional[str] = None,
                    unauthorized: Optional[str] = None)

func NewFusionAuthTheme(ctx *Context, name string, args *FusionAuthThemeArgs, opts ...ResourceOption) (*FusionAuthTheme, error)

public FusionAuthTheme(string name, FusionAuthThemeArgs? args = null, CustomResourceOptions? opts = null)

public FusionAuthTheme(String name, FusionAuthThemeArgs args)
public FusionAuthTheme(String name, FusionAuthThemeArgs args, CustomResourceOptions options)

type: fusionauth:FusionAuthTheme
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args FusionAuthThemeArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args FusionAuthThemeArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args FusionAuthThemeArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FusionAuthThemeArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args FusionAuthThemeArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var fusionAuthThemeResource = new Fusionauth.FusionAuthTheme("fusionAuthThemeResource", new()
{
    AccountEdit = "string",
    AccountIndex = "string",
    AccountTwoFactorDisable = "string",
    AccountTwoFactorEnable = "string",
    AccountTwoFactorIndex = "string",
    AccountWebauthnAdd = "string",
    AccountWebauthnDelete = "string",
    AccountWebauthnIndex = "string",
    ConfirmationRequired = "string",
    DefaultMessages = "string",
    EmailComplete = "string",
    EmailSent = "string",
    EmailVerificationRequired = "string",
    EmailVerify = "string",
    Helpers = "string",
    Index = "string",
    LocalizedMessages = 
    {
        { "string", "any" },
    },
    Name = "string",
    Oauth2Authorize = "string",
    Oauth2AuthorizedNotRegistered = "string",
    Oauth2ChildRegistrationNotAllowed = "string",
    Oauth2ChildRegistrationNotAllowedComplete = "string",
    Oauth2CompleteRegistration = "string",
    Oauth2Consent = "string",
    Oauth2Device = "string",
    Oauth2DeviceComplete = "string",
    Oauth2Error = "string",
    Oauth2Logout = "string",
    Oauth2Passwordless = "string",
    Oauth2Register = "string",
    Oauth2StartIdpLink = "string",
    Oauth2TwoFactor = "string",
    Oauth2TwoFactorEnable = "string",
    Oauth2TwoFactorEnableComplete = "string",
    Oauth2TwoFactorMethods = "string",
    Oauth2Wait = "string",
    Oauth2Webauthn = "string",
    Oauth2WebauthnReauth = "string",
    Oauth2WebauthnReauthEnable = "string",
    PasswordChange = "string",
    PasswordComplete = "string",
    PasswordForgot = "string",
    PasswordSent = "string",
    RegistrationComplete = "string",
    RegistrationSent = "string",
    RegistrationVerificationRequired = "string",
    RegistrationVerify = "string",
    Samlv2Logout = "string",
    SourceThemeId = "string",
    Stylesheet = "string",
    Unauthorized = "string",
});

example, err := fusionauth.NewFusionAuthTheme(ctx, "fusionAuthThemeResource", &fusionauth.FusionAuthThemeArgs{
	AccountEdit:               pulumi.String("string"),
	AccountIndex:              pulumi.String("string"),
	AccountTwoFactorDisable:   pulumi.String("string"),
	AccountTwoFactorEnable:    pulumi.String("string"),
	AccountTwoFactorIndex:     pulumi.String("string"),
	AccountWebauthnAdd:        pulumi.String("string"),
	AccountWebauthnDelete:     pulumi.String("string"),
	AccountWebauthnIndex:      pulumi.String("string"),
	ConfirmationRequired:      pulumi.String("string"),
	DefaultMessages:           pulumi.String("string"),
	EmailComplete:             pulumi.String("string"),
	EmailSent:                 pulumi.String("string"),
	EmailVerificationRequired: pulumi.String("string"),
	EmailVerify:               pulumi.String("string"),
	Helpers:                   pulumi.String("string"),
	Index:                     pulumi.String("string"),
	LocalizedMessages: pulumi.Map{
		"string": pulumi.Any("any"),
	},
	Name:                              pulumi.String("string"),
	Oauth2Authorize:                   pulumi.String("string"),
	Oauth2AuthorizedNotRegistered:     pulumi.String("string"),
	Oauth2ChildRegistrationNotAllowed: pulumi.String("string"),
	Oauth2ChildRegistrationNotAllowedComplete: pulumi.String("string"),
	Oauth2CompleteRegistration:                pulumi.String("string"),
	Oauth2Consent:                             pulumi.String("string"),
	Oauth2Device:                              pulumi.String("string"),
	Oauth2DeviceComplete:                      pulumi.String("string"),
	Oauth2Error:                               pulumi.String("string"),
	Oauth2Logout:                              pulumi.String("string"),
	Oauth2Passwordless:                        pulumi.String("string"),
	Oauth2Register:                            pulumi.String("string"),
	Oauth2StartIdpLink:                        pulumi.String("string"),
	Oauth2TwoFactor:                           pulumi.String("string"),
	Oauth2TwoFactorEnable:                     pulumi.String("string"),
	Oauth2TwoFactorEnableComplete:             pulumi.String("string"),
	Oauth2TwoFactorMethods:                    pulumi.String("string"),
	Oauth2Wait:                                pulumi.String("string"),
	Oauth2Webauthn:                            pulumi.String("string"),
	Oauth2WebauthnReauth:                      pulumi.String("string"),
	Oauth2WebauthnReauthEnable:                pulumi.String("string"),
	PasswordChange:                            pulumi.String("string"),
	PasswordComplete:                          pulumi.String("string"),
	PasswordForgot:                            pulumi.String("string"),
	PasswordSent:                              pulumi.String("string"),
	RegistrationComplete:                      pulumi.String("string"),
	RegistrationSent:                          pulumi.String("string"),
	RegistrationVerificationRequired:          pulumi.String("string"),
	RegistrationVerify:                        pulumi.String("string"),
	Samlv2Logout:                              pulumi.String("string"),
	SourceThemeId:                             pulumi.String("string"),
	Stylesheet:                                pulumi.String("string"),
	Unauthorized:                              pulumi.String("string"),
})

var fusionAuthThemeResource = new FusionAuthTheme("fusionAuthThemeResource", FusionAuthThemeArgs.builder()
    .accountEdit("string")
    .accountIndex("string")
    .accountTwoFactorDisable("string")
    .accountTwoFactorEnable("string")
    .accountTwoFactorIndex("string")
    .accountWebauthnAdd("string")
    .accountWebauthnDelete("string")
    .accountWebauthnIndex("string")
    .confirmationRequired("string")
    .defaultMessages("string")
    .emailComplete("string")
    .emailSent("string")
    .emailVerificationRequired("string")
    .emailVerify("string")
    .helpers("string")
    .index("string")
    .localizedMessages(Map.of("string", "any"))
    .name("string")
    .oauth2Authorize("string")
    .oauth2AuthorizedNotRegistered("string")
    .oauth2ChildRegistrationNotAllowed("string")
    .oauth2ChildRegistrationNotAllowedComplete("string")
    .oauth2CompleteRegistration("string")
    .oauth2Consent("string")
    .oauth2Device("string")
    .oauth2DeviceComplete("string")
    .oauth2Error("string")
    .oauth2Logout("string")
    .oauth2Passwordless("string")
    .oauth2Register("string")
    .oauth2StartIdpLink("string")
    .oauth2TwoFactor("string")
    .oauth2TwoFactorEnable("string")
    .oauth2TwoFactorEnableComplete("string")
    .oauth2TwoFactorMethods("string")
    .oauth2Wait("string")
    .oauth2Webauthn("string")
    .oauth2WebauthnReauth("string")
    .oauth2WebauthnReauthEnable("string")
    .passwordChange("string")
    .passwordComplete("string")
    .passwordForgot("string")
    .passwordSent("string")
    .registrationComplete("string")
    .registrationSent("string")
    .registrationVerificationRequired("string")
    .registrationVerify("string")
    .samlv2Logout("string")
    .sourceThemeId("string")
    .stylesheet("string")
    .unauthorized("string")
    .build());

fusion_auth_theme_resource = fusionauth.FusionAuthTheme("fusionAuthThemeResource",
    account_edit="string",
    account_index="string",
    account_two_factor_disable="string",
    account_two_factor_enable="string",
    account_two_factor_index="string",
    account_webauthn_add="string",
    account_webauthn_delete="string",
    account_webauthn_index="string",
    confirmation_required="string",
    default_messages="string",
    email_complete="string",
    email_sent="string",
    email_verification_required="string",
    email_verify="string",
    helpers="string",
    index="string",
    localized_messages={
        "string": "any",
    },
    name="string",
    oauth2_authorize="string",
    oauth2_authorized_not_registered="string",
    oauth2_child_registration_not_allowed="string",
    oauth2_child_registration_not_allowed_complete="string",
    oauth2_complete_registration="string",
    oauth2_consent="string",
    oauth2_device="string",
    oauth2_device_complete="string",
    oauth2_error="string",
    oauth2_logout="string",
    oauth2_passwordless="string",
    oauth2_register="string",
    oauth2_start_idp_link="string",
    oauth2_two_factor="string",
    oauth2_two_factor_enable="string",
    oauth2_two_factor_enable_complete="string",
    oauth2_two_factor_methods="string",
    oauth2_wait="string",
    oauth2_webauthn="string",
    oauth2_webauthn_reauth="string",
    oauth2_webauthn_reauth_enable="string",
    password_change="string",
    password_complete="string",
    password_forgot="string",
    password_sent="string",
    registration_complete="string",
    registration_sent="string",
    registration_verification_required="string",
    registration_verify="string",
    samlv2_logout="string",
    source_theme_id="string",
    stylesheet="string",
    unauthorized="string")

const fusionAuthThemeResource = new fusionauth.FusionAuthTheme("fusionAuthThemeResource", {
    accountEdit: "string",
    accountIndex: "string",
    accountTwoFactorDisable: "string",
    accountTwoFactorEnable: "string",
    accountTwoFactorIndex: "string",
    accountWebauthnAdd: "string",
    accountWebauthnDelete: "string",
    accountWebauthnIndex: "string",
    confirmationRequired: "string",
    defaultMessages: "string",
    emailComplete: "string",
    emailSent: "string",
    emailVerificationRequired: "string",
    emailVerify: "string",
    helpers: "string",
    index: "string",
    localizedMessages: {
        string: "any",
    },
    name: "string",
    oauth2Authorize: "string",
    oauth2AuthorizedNotRegistered: "string",
    oauth2ChildRegistrationNotAllowed: "string",
    oauth2ChildRegistrationNotAllowedComplete: "string",
    oauth2CompleteRegistration: "string",
    oauth2Consent: "string",
    oauth2Device: "string",
    oauth2DeviceComplete: "string",
    oauth2Error: "string",
    oauth2Logout: "string",
    oauth2Passwordless: "string",
    oauth2Register: "string",
    oauth2StartIdpLink: "string",
    oauth2TwoFactor: "string",
    oauth2TwoFactorEnable: "string",
    oauth2TwoFactorEnableComplete: "string",
    oauth2TwoFactorMethods: "string",
    oauth2Wait: "string",
    oauth2Webauthn: "string",
    oauth2WebauthnReauth: "string",
    oauth2WebauthnReauthEnable: "string",
    passwordChange: "string",
    passwordComplete: "string",
    passwordForgot: "string",
    passwordSent: "string",
    registrationComplete: "string",
    registrationSent: "string",
    registrationVerificationRequired: "string",
    registrationVerify: "string",
    samlv2Logout: "string",
    sourceThemeId: "string",
    stylesheet: "string",
    unauthorized: "string",
});

type: fusionauth:FusionAuthTheme
properties:
    accountEdit: string
    accountIndex: string
    accountTwoFactorDisable: string
    accountTwoFactorEnable: string
    accountTwoFactorIndex: string
    accountWebauthnAdd: string
    accountWebauthnDelete: string
    accountWebauthnIndex: string
    confirmationRequired: string
    defaultMessages: string
    emailComplete: string
    emailSent: string
    emailVerificationRequired: string
    emailVerify: string
    helpers: string
    index: string
    localizedMessages:
        string: any
    name: string
    oauth2Authorize: string
    oauth2AuthorizedNotRegistered: string
    oauth2ChildRegistrationNotAllowed: string
    oauth2ChildRegistrationNotAllowedComplete: string
    oauth2CompleteRegistration: string
    oauth2Consent: string
    oauth2Device: string
    oauth2DeviceComplete: string
    oauth2Error: string
    oauth2Logout: string
    oauth2Passwordless: string
    oauth2Register: string
    oauth2StartIdpLink: string
    oauth2TwoFactor: string
    oauth2TwoFactorEnable: string
    oauth2TwoFactorEnableComplete: string
    oauth2TwoFactorMethods: string
    oauth2Wait: string
    oauth2Webauthn: string
    oauth2WebauthnReauth: string
    oauth2WebauthnReauthEnable: string
    passwordChange: string
    passwordComplete: string
    passwordForgot: string
    passwordSent: string
    registrationComplete: string
    registrationSent: string
    registrationVerificationRequired: string
    registrationVerify: string
    samlv2Logout: string
    sourceThemeId: string
    stylesheet: string
    unauthorized: string

FusionAuthTheme Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The FusionAuthTheme resource accepts the following input properties:

AccountEdit string: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
AccountIndex string: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
AccountTwoFactorDisable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
AccountTwoFactorEnable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
AccountTwoFactorIndex string: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
AccountWebauthnAdd string: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
AccountWebauthnDelete string: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
AccountWebauthnIndex string: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
ConfirmationRequired string: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
DefaultMessages string: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
EmailComplete string: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
EmailSend string: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
EmailSent string: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
EmailVerificationRequired string: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
EmailVerify string: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
Helpers string: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
Index string: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
LocalizedMessages Dictionary<string, object>: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
Name string: A unique name for the Theme.
Oauth2Authorize string: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
Oauth2AuthorizedNotRegistered string: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
Oauth2ChildRegistrationNotAllowed string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
Oauth2ChildRegistrationNotAllowedComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
Oauth2CompleteRegistration string: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
Oauth2Consent string: A FreeMarker template that is rendered when a third party application requests scopes from the user.
Oauth2Device string: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
Oauth2DeviceComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
Oauth2Error string: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
Oauth2Logout string: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
Oauth2Passwordless string: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
Oauth2Register string: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
Oauth2StartIdpLink string: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
Oauth2TwoFactor string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
Oauth2TwoFactorEnable string: A FreeMarker template that contains the OAuth2 two-factor enable form.
Oauth2TwoFactorEnableComplete string: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
Oauth2TwoFactorMethods string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
Oauth2Wait string: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
Oauth2Webauthn string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
Oauth2WebauthnReauth string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
Oauth2WebauthnReauthEnable string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
PasswordChange string: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
PasswordComplete string: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
PasswordForgot string: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
PasswordSent string: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
RegistrationComplete string: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
RegistrationSend string: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
RegistrationSent string: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
RegistrationVerificationRequired string: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
RegistrationVerify string: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
Samlv2Logout string: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
SourceThemeId string: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
Stylesheet string: A CSS stylesheet used to style the templates.
Unauthorized string: An optional FreeMarker template that contains the unauthorized page.

AccountEdit string: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
AccountIndex string: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
AccountTwoFactorDisable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
AccountTwoFactorEnable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
AccountTwoFactorIndex string: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
AccountWebauthnAdd string: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
AccountWebauthnDelete string: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
AccountWebauthnIndex string: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
ConfirmationRequired string: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
DefaultMessages string: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
EmailComplete string: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
EmailSend string: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
EmailSent string: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
EmailVerificationRequired string: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
EmailVerify string: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
Helpers string: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
Index string: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
LocalizedMessages map[string]interface{}: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
Name string: A unique name for the Theme.
Oauth2Authorize string: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
Oauth2AuthorizedNotRegistered string: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
Oauth2ChildRegistrationNotAllowed string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
Oauth2ChildRegistrationNotAllowedComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
Oauth2CompleteRegistration string: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
Oauth2Consent string: A FreeMarker template that is rendered when a third party application requests scopes from the user.
Oauth2Device string: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
Oauth2DeviceComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
Oauth2Error string: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
Oauth2Logout string: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
Oauth2Passwordless string: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
Oauth2Register string: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
Oauth2StartIdpLink string: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
Oauth2TwoFactor string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
Oauth2TwoFactorEnable string: A FreeMarker template that contains the OAuth2 two-factor enable form.
Oauth2TwoFactorEnableComplete string: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
Oauth2TwoFactorMethods string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
Oauth2Wait string: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
Oauth2Webauthn string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
Oauth2WebauthnReauth string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
Oauth2WebauthnReauthEnable string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
PasswordChange string: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
PasswordComplete string: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
PasswordForgot string: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
PasswordSent string: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
RegistrationComplete string: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
RegistrationSend string: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
RegistrationSent string: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
RegistrationVerificationRequired string: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
RegistrationVerify string: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
Samlv2Logout string: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
SourceThemeId string: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
Stylesheet string: A CSS stylesheet used to style the templates.
Unauthorized string: An optional FreeMarker template that contains the unauthorized page.

accountEdit String: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
accountIndex String: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
accountTwoFactorDisable String: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
accountTwoFactorEnable String: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
accountTwoFactorIndex String: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
accountWebauthnAdd String: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
accountWebauthnDelete String: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
accountWebauthnIndex String: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
confirmationRequired String: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
defaultMessages String: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
emailComplete String: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
emailSend String: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
emailSent String: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
emailVerificationRequired String: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
emailVerify String: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
helpers String: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
index String: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
localizedMessages Map<String,Object>: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
name String: A unique name for the Theme.
oauth2Authorize String: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
oauth2AuthorizedNotRegistered String: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
oauth2ChildRegistrationNotAllowed String: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
oauth2ChildRegistrationNotAllowedComplete String: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
oauth2CompleteRegistration String: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
oauth2Consent String: A FreeMarker template that is rendered when a third party application requests scopes from the user.
oauth2Device String: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
oauth2DeviceComplete String: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
oauth2Error String: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
oauth2Logout String: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
oauth2Passwordless String: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
oauth2Register String: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
oauth2StartIdpLink String: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
oauth2TwoFactor String: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
oauth2TwoFactorEnable String: A FreeMarker template that contains the OAuth2 two-factor enable form.
oauth2TwoFactorEnableComplete String: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
oauth2TwoFactorMethods String: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
oauth2Wait String: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
oauth2Webauthn String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
oauth2WebauthnReauth String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
oauth2WebauthnReauthEnable String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
passwordChange String: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
passwordComplete String: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
passwordForgot String: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
passwordSent String: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
registrationComplete String: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
registrationSend String: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
registrationSent String: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
registrationVerificationRequired String: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
registrationVerify String: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
samlv2Logout String: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
sourceThemeId String: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
stylesheet String: A CSS stylesheet used to style the templates.
unauthorized String: An optional FreeMarker template that contains the unauthorized page.

accountEdit string: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
accountIndex string: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
accountTwoFactorDisable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
accountTwoFactorEnable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
accountTwoFactorIndex string: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
accountWebauthnAdd string: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
accountWebauthnDelete string: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
accountWebauthnIndex string: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
confirmationRequired string: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
defaultMessages string: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
emailComplete string: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
emailSend string: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
emailSent string: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
emailVerificationRequired string: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
emailVerify string: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
helpers string: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
index string: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
localizedMessages {[key: string]: any}: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
name string: A unique name for the Theme.
oauth2Authorize string: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
oauth2AuthorizedNotRegistered string: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
oauth2ChildRegistrationNotAllowed string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
oauth2ChildRegistrationNotAllowedComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
oauth2CompleteRegistration string: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
oauth2Consent string: A FreeMarker template that is rendered when a third party application requests scopes from the user.
oauth2Device string: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
oauth2DeviceComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
oauth2Error string: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
oauth2Logout string: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
oauth2Passwordless string: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
oauth2Register string: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
oauth2StartIdpLink string: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
oauth2TwoFactor string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
oauth2TwoFactorEnable string: A FreeMarker template that contains the OAuth2 two-factor enable form.
oauth2TwoFactorEnableComplete string: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
oauth2TwoFactorMethods string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
oauth2Wait string: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
oauth2Webauthn string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
oauth2WebauthnReauth string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
oauth2WebauthnReauthEnable string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
passwordChange string: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
passwordComplete string: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
passwordForgot string: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
passwordSent string: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
registrationComplete string: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
registrationSend string: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
registrationSent string: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
registrationVerificationRequired string: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
registrationVerify string: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
samlv2Logout string: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
sourceThemeId string: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
stylesheet string: A CSS stylesheet used to style the templates.
unauthorized string: An optional FreeMarker template that contains the unauthorized page.

account_edit str: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
account_index str: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
account_two_factor_disable str: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
account_two_factor_enable str: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
account_two_factor_index str: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
account_webauthn_add str: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
account_webauthn_delete str: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
account_webauthn_index str: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
confirmation_required str: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
default_messages str: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
email_complete str: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
email_send str: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
email_sent str: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
email_verification_required str: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
email_verify str: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
helpers str: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
index str: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
localized_messages Mapping[str, Any]: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
name str: A unique name for the Theme.
oauth2_authorize str: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
oauth2_authorized_not_registered str: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
oauth2_child_registration_not_allowed str: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
oauth2_child_registration_not_allowed_complete str: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
oauth2_complete_registration str: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
oauth2_consent str: A FreeMarker template that is rendered when a third party application requests scopes from the user.
oauth2_device str: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
oauth2_device_complete str: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
oauth2_error str: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
oauth2_logout str: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
oauth2_passwordless str: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
oauth2_register str: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
oauth2_start_idp_link str: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
oauth2_two_factor str: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
oauth2_two_factor_enable str: A FreeMarker template that contains the OAuth2 two-factor enable form.
oauth2_two_factor_enable_complete str: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
oauth2_two_factor_methods str: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
oauth2_wait str: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
oauth2_webauthn str: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
oauth2_webauthn_reauth str: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
oauth2_webauthn_reauth_enable str: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
password_change str: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
password_complete str: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
password_forgot str: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
password_sent str: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
registration_complete str: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
registration_send str: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
registration_sent str: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
registration_verification_required str: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
registration_verify str: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
samlv2_logout str: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
source_theme_id str: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
stylesheet str: A CSS stylesheet used to style the templates.
unauthorized str: An optional FreeMarker template that contains the unauthorized page.

accountEdit String: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
accountIndex String: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
accountTwoFactorDisable String: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
accountTwoFactorEnable String: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
accountTwoFactorIndex String: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
accountWebauthnAdd String: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
accountWebauthnDelete String: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
accountWebauthnIndex String: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
confirmationRequired String: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
defaultMessages String: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
emailComplete String: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
emailSend String: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
emailSent String: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
emailVerificationRequired String: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
emailVerify String: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
helpers String: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
index String: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
localizedMessages Map<Any>: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
name String: A unique name for the Theme.
oauth2Authorize String: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
oauth2AuthorizedNotRegistered String: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
oauth2ChildRegistrationNotAllowed String: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
oauth2ChildRegistrationNotAllowedComplete String: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
oauth2CompleteRegistration String: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
oauth2Consent String: A FreeMarker template that is rendered when a third party application requests scopes from the user.
oauth2Device String: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
oauth2DeviceComplete String: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
oauth2Error String: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
oauth2Logout String: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
oauth2Passwordless String: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
oauth2Register String: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
oauth2StartIdpLink String: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
oauth2TwoFactor String: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
oauth2TwoFactorEnable String: A FreeMarker template that contains the OAuth2 two-factor enable form.
oauth2TwoFactorEnableComplete String: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
oauth2TwoFactorMethods String: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
oauth2Wait String: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
oauth2Webauthn String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
oauth2WebauthnReauth String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
oauth2WebauthnReauthEnable String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
passwordChange String: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
passwordComplete String: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
passwordForgot String: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
passwordSent String: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
registrationComplete String: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
registrationSend String: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
registrationSent String: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
registrationVerificationRequired String: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
registrationVerify String: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
samlv2Logout String: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
sourceThemeId String: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
stylesheet String: A CSS stylesheet used to style the templates.
unauthorized String: An optional FreeMarker template that contains the unauthorized page.

Outputs

All input properties are implicitly available as output properties. Additionally, the FusionAuthTheme resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing FusionAuthTheme Resource

Get an existing FusionAuthTheme resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FusionAuthThemeState, opts?: CustomResourceOptions): FusionAuthTheme

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_edit: Optional[str] = None,
        account_index: Optional[str] = None,
        account_two_factor_disable: Optional[str] = None,
        account_two_factor_enable: Optional[str] = None,
        account_two_factor_index: Optional[str] = None,
        account_webauthn_add: Optional[str] = None,
        account_webauthn_delete: Optional[str] = None,
        account_webauthn_index: Optional[str] = None,
        confirmation_required: Optional[str] = None,
        default_messages: Optional[str] = None,
        email_complete: Optional[str] = None,
        email_send: Optional[str] = None,
        email_sent: Optional[str] = None,
        email_verification_required: Optional[str] = None,
        email_verify: Optional[str] = None,
        helpers: Optional[str] = None,
        index: Optional[str] = None,
        localized_messages: Optional[Mapping[str, Any]] = None,
        name: Optional[str] = None,
        oauth2_authorize: Optional[str] = None,
        oauth2_authorized_not_registered: Optional[str] = None,
        oauth2_child_registration_not_allowed: Optional[str] = None,
        oauth2_child_registration_not_allowed_complete: Optional[str] = None,
        oauth2_complete_registration: Optional[str] = None,
        oauth2_consent: Optional[str] = None,
        oauth2_device: Optional[str] = None,
        oauth2_device_complete: Optional[str] = None,
        oauth2_error: Optional[str] = None,
        oauth2_logout: Optional[str] = None,
        oauth2_passwordless: Optional[str] = None,
        oauth2_register: Optional[str] = None,
        oauth2_start_idp_link: Optional[str] = None,
        oauth2_two_factor: Optional[str] = None,
        oauth2_two_factor_enable: Optional[str] = None,
        oauth2_two_factor_enable_complete: Optional[str] = None,
        oauth2_two_factor_methods: Optional[str] = None,
        oauth2_wait: Optional[str] = None,
        oauth2_webauthn: Optional[str] = None,
        oauth2_webauthn_reauth: Optional[str] = None,
        oauth2_webauthn_reauth_enable: Optional[str] = None,
        password_change: Optional[str] = None,
        password_complete: Optional[str] = None,
        password_forgot: Optional[str] = None,
        password_sent: Optional[str] = None,
        registration_complete: Optional[str] = None,
        registration_send: Optional[str] = None,
        registration_sent: Optional[str] = None,
        registration_verification_required: Optional[str] = None,
        registration_verify: Optional[str] = None,
        samlv2_logout: Optional[str] = None,
        source_theme_id: Optional[str] = None,
        stylesheet: Optional[str] = None,
        unauthorized: Optional[str] = None) -> FusionAuthTheme

func GetFusionAuthTheme(ctx *Context, name string, id IDInput, state *FusionAuthThemeState, opts ...ResourceOption) (*FusionAuthTheme, error)

public static FusionAuthTheme Get(string name, Input<string> id, FusionAuthThemeState? state, CustomResourceOptions? opts = null)

public static FusionAuthTheme get(String name, Output<String> id, FusionAuthThemeState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountEdit string: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
AccountIndex string: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
AccountTwoFactorDisable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
AccountTwoFactorEnable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
AccountTwoFactorIndex string: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
AccountWebauthnAdd string: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
AccountWebauthnDelete string: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
AccountWebauthnIndex string: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
ConfirmationRequired string: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
DefaultMessages string: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
EmailComplete string: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
EmailSend string: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
EmailSent string: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
EmailVerificationRequired string: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
EmailVerify string: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
Helpers string: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
Index string: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
LocalizedMessages Dictionary<string, object>: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
Name string: A unique name for the Theme.
Oauth2Authorize string: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
Oauth2AuthorizedNotRegistered string: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
Oauth2ChildRegistrationNotAllowed string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
Oauth2ChildRegistrationNotAllowedComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
Oauth2CompleteRegistration string: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
Oauth2Consent string: A FreeMarker template that is rendered when a third party application requests scopes from the user.
Oauth2Device string: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
Oauth2DeviceComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
Oauth2Error string: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
Oauth2Logout string: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
Oauth2Passwordless string: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
Oauth2Register string: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
Oauth2StartIdpLink string: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
Oauth2TwoFactor string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
Oauth2TwoFactorEnable string: A FreeMarker template that contains the OAuth2 two-factor enable form.
Oauth2TwoFactorEnableComplete string: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
Oauth2TwoFactorMethods string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
Oauth2Wait string: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
Oauth2Webauthn string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
Oauth2WebauthnReauth string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
Oauth2WebauthnReauthEnable string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
PasswordChange string: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
PasswordComplete string: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
PasswordForgot string: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
PasswordSent string: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
RegistrationComplete string: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
RegistrationSend string: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
RegistrationSent string: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
RegistrationVerificationRequired string: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
RegistrationVerify string: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
Samlv2Logout string: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
SourceThemeId string: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
Stylesheet string: A CSS stylesheet used to style the templates.
Unauthorized string: An optional FreeMarker template that contains the unauthorized page.

AccountEdit string: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
AccountIndex string: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
AccountTwoFactorDisable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
AccountTwoFactorEnable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
AccountTwoFactorIndex string: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
AccountWebauthnAdd string: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
AccountWebauthnDelete string: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
AccountWebauthnIndex string: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
ConfirmationRequired string: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
DefaultMessages string: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
EmailComplete string: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
EmailSend string: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
EmailSent string: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
EmailVerificationRequired string: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
EmailVerify string: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
Helpers string: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
Index string: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
LocalizedMessages map[string]interface{}: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
Name string: A unique name for the Theme.
Oauth2Authorize string: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
Oauth2AuthorizedNotRegistered string: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
Oauth2ChildRegistrationNotAllowed string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
Oauth2ChildRegistrationNotAllowedComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
Oauth2CompleteRegistration string: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
Oauth2Consent string: A FreeMarker template that is rendered when a third party application requests scopes from the user.
Oauth2Device string: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
Oauth2DeviceComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
Oauth2Error string: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
Oauth2Logout string: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
Oauth2Passwordless string: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
Oauth2Register string: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
Oauth2StartIdpLink string: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
Oauth2TwoFactor string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
Oauth2TwoFactorEnable string: A FreeMarker template that contains the OAuth2 two-factor enable form.
Oauth2TwoFactorEnableComplete string: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
Oauth2TwoFactorMethods string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
Oauth2Wait string: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
Oauth2Webauthn string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
Oauth2WebauthnReauth string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
Oauth2WebauthnReauthEnable string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
PasswordChange string: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
PasswordComplete string: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
PasswordForgot string: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
PasswordSent string: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
RegistrationComplete string: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
RegistrationSend string: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
RegistrationSent string: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
RegistrationVerificationRequired string: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
RegistrationVerify string: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
Samlv2Logout string: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
SourceThemeId string: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
Stylesheet string: A CSS stylesheet used to style the templates.
Unauthorized string: An optional FreeMarker template that contains the unauthorized page.

accountEdit String: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
accountIndex String: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
accountTwoFactorDisable String: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
accountTwoFactorEnable String: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
accountTwoFactorIndex String: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
accountWebauthnAdd String: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
accountWebauthnDelete String: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
accountWebauthnIndex String: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
confirmationRequired String: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
defaultMessages String: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
emailComplete String: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
emailSend String: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
emailSent String: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
emailVerificationRequired String: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
emailVerify String: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
helpers String: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
index String: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
localizedMessages Map<String,Object>: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
name String: A unique name for the Theme.
oauth2Authorize String: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
oauth2AuthorizedNotRegistered String: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
oauth2ChildRegistrationNotAllowed String: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
oauth2ChildRegistrationNotAllowedComplete String: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
oauth2CompleteRegistration String: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
oauth2Consent String: A FreeMarker template that is rendered when a third party application requests scopes from the user.
oauth2Device String: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
oauth2DeviceComplete String: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
oauth2Error String: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
oauth2Logout String: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
oauth2Passwordless String: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
oauth2Register String: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
oauth2StartIdpLink String: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
oauth2TwoFactor String: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
oauth2TwoFactorEnable String: A FreeMarker template that contains the OAuth2 two-factor enable form.
oauth2TwoFactorEnableComplete String: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
oauth2TwoFactorMethods String: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
oauth2Wait String: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
oauth2Webauthn String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
oauth2WebauthnReauth String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
oauth2WebauthnReauthEnable String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
passwordChange String: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
passwordComplete String: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
passwordForgot String: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
passwordSent String: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
registrationComplete String: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
registrationSend String: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
registrationSent String: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
registrationVerificationRequired String: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
registrationVerify String: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
samlv2Logout String: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
sourceThemeId String: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
stylesheet String: A CSS stylesheet used to style the templates.
unauthorized String: An optional FreeMarker template that contains the unauthorized page.

accountEdit string: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
accountIndex string: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
accountTwoFactorDisable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
accountTwoFactorEnable string: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
accountTwoFactorIndex string: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
accountWebauthnAdd string: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
accountWebauthnDelete string: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
accountWebauthnIndex string: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
confirmationRequired string: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
defaultMessages string: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
emailComplete string: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
emailSend string: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
emailSent string: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
emailVerificationRequired string: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
emailVerify string: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
helpers string: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
index string: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
localizedMessages {[key: string]: any}: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
name string: A unique name for the Theme.
oauth2Authorize string: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
oauth2AuthorizedNotRegistered string: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
oauth2ChildRegistrationNotAllowed string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
oauth2ChildRegistrationNotAllowedComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
oauth2CompleteRegistration string: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
oauth2Consent string: A FreeMarker template that is rendered when a third party application requests scopes from the user.
oauth2Device string: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
oauth2DeviceComplete string: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
oauth2Error string: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
oauth2Logout string: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
oauth2Passwordless string: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
oauth2Register string: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
oauth2StartIdpLink string: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
oauth2TwoFactor string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
oauth2TwoFactorEnable string: A FreeMarker template that contains the OAuth2 two-factor enable form.
oauth2TwoFactorEnableComplete string: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
oauth2TwoFactorMethods string: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
oauth2Wait string: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
oauth2Webauthn string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
oauth2WebauthnReauth string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
oauth2WebauthnReauthEnable string: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
passwordChange string: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
passwordComplete string: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
passwordForgot string: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
passwordSent string: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
registrationComplete string: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
registrationSend string: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
registrationSent string: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
registrationVerificationRequired string: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
registrationVerify string: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
samlv2Logout string: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
sourceThemeId string: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
stylesheet string: A CSS stylesheet used to style the templates.
unauthorized string: An optional FreeMarker template that contains the unauthorized page.

account_edit str: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
account_index str: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
account_two_factor_disable str: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
account_two_factor_enable str: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
account_two_factor_index str: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
account_webauthn_add str: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
account_webauthn_delete str: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
account_webauthn_index str: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
confirmation_required str: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
default_messages str: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
email_complete str: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
email_send str: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
email_sent str: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
email_verification_required str: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
email_verify str: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
helpers str: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
index str: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
localized_messages Mapping[str, Any]: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
name str: A unique name for the Theme.
oauth2_authorize str: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
oauth2_authorized_not_registered str: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
oauth2_child_registration_not_allowed str: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
oauth2_child_registration_not_allowed_complete str: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
oauth2_complete_registration str: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
oauth2_consent str: A FreeMarker template that is rendered when a third party application requests scopes from the user.
oauth2_device str: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
oauth2_device_complete str: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
oauth2_error str: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
oauth2_logout str: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
oauth2_passwordless str: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
oauth2_register str: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
oauth2_start_idp_link str: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
oauth2_two_factor str: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
oauth2_two_factor_enable str: A FreeMarker template that contains the OAuth2 two-factor enable form.
oauth2_two_factor_enable_complete str: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
oauth2_two_factor_methods str: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
oauth2_wait str: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
oauth2_webauthn str: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
oauth2_webauthn_reauth str: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
oauth2_webauthn_reauth_enable str: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
password_change str: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
password_complete str: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
password_forgot str: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
password_sent str: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
registration_complete str: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
registration_send str: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
registration_sent str: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
registration_verification_required str: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
registration_verify str: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
samlv2_logout str: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
source_theme_id str: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
stylesheet str: A CSS stylesheet used to style the templates.
unauthorized str: An optional FreeMarker template that contains the unauthorized page.

accountEdit String: A FreeMarker template that is rendered when the user requests the /account/edit path. This page contains a form that enables authenticated users to update their profile.
accountIndex String: A FreeMarker template that is rendered when the user requests the /account path. This is the self-service account landing page. An authenticated user may use this as a starting point for operations such as updating their profile or configuring multi-factor authentication.
accountTwoFactorDisable String: A FreeMarker template that is rendered when the user requests the /account/two-factor/disable path. This page contains a form that accepts a verification code used to disable a multi-factor authentication method.
accountTwoFactorEnable String: A FreeMarker template that is rendered when the user requests the /account/two-factor/enable path. This page contains a form that accepts a verification code used to enable a multi-factor authentication method. Additionally, this page contains presentation of recovery codes when a user enables multi-factor authentication for the first time.
accountTwoFactorIndex String: A FreeMarker template that is rendered when the user requests the /account/two-factor path. This page displays an authenticated user’s configured multi-factor authentication methods. Additionally, it provides links to enable and disable a method.
accountWebauthnAdd String: A FreeMarker template that is rendered when the user requests the /account/webauthn/add path. This page contains a form that allows a user to register a new WebAuthn passkey.
accountWebauthnDelete String: A FreeMarker template that is rendered when the user requests the /account/webauthn/delete path. This page contains a form that allows a user to delete a WebAuthn passkey.
accountWebauthnIndex String: A FreeMarker template that is rendered when the user requests the /account/webauthn/ path. This page displays an authenticated user’s registered WebAuthn passkeys. Additionally, it provides links to delete an existing passkey and register a new passkey.
confirmationRequired String: A FreeMarker template that is rendered when the user requests the /confirmation-required path. This page is displayed when a user attempts to complete an email based workflow that did not begin in the same browser. For example, if the user starts a forgot password workflow, and then opens the link in a separate browser the user will be shown this panel.
defaultMessages String: A properties file formatted String containing at least all of the message keys defined in the FusionAuth shipped messages file.
Note: default_messages Is Required if not copying an existing Theme.
emailComplete String: A FreeMarker template that is rendered when the user requests the /email/complete path. This page is used after a user has verified their email address by clicking the URL in the email. After FusionAuth has updated their user object to indicate that their email was verified, the browser is redirected to this page.
emailSend String: A FreeMarker template that is rendered when the user requests the /email/send page. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use email_sent instead. API endpoint has been migrated from /email/send to /email/sent.
emailSent String: A FreeMarker template that is rendered when the user requests the /email/sent path. This page is used after a user has asked for the verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
emailVerificationRequired String: A FreeMarker template that is rendered when the user requests the /email/verification-required path. This page is rendered when a user is required to verify their email address prior to being allowed to proceed with login. This occurs when Unverified behavior is set to Gated in email verification settings on the Tenant.
emailVerify String: A FreeMarker template that is rendered when the user requests the /email/verify path. This page is rendered when a user clicks the URL from the verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
helpers String: A FreeMarker template that contains all of the macros and templates used by the rest of the login Theme FreeMarker templates. This allows you to configure the general layout of your UI configuration and login theme without having to copy and paste HTML into each of the templates.
index String: A FreeMarker template that is rendered when the user requests the / path. This is the root landing page. This page is available to unauthenticated users and will be displayed whenever someone navigates to the FusionAuth host’s root page. Prior to version 1.27.0, navigating to this URL would redirect to /admin and would subsequently render the FusionAuth admin login page.
localizedMessages Map<Any>: A Map of localized versions of the messages. The key is the Locale and the value is a properties file formatted String.
name String: A unique name for the Theme.
oauth2Authorize String: A FreeMarker template that is rendered when the user requests the /oauth2/authorize path. This is the main login page for FusionAuth and is used for all interactive OAuth2 and OpenID Connect workflows.
oauth2AuthorizedNotRegistered String: A FreeMarker template that is rendered when the user requests the /oauth2/authorized-not-registered path. This page is rendered when a user is not registered and the Application configuration requires registration before FusionAuth will complete the redirect.
oauth2ChildRegistrationNotAllowed String: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed path. This page contains a form where a child must provide their parent’s email address to ask their parent to create an account for them in a Consent workflow.
oauth2ChildRegistrationNotAllowedComplete String: A FreeMarker template that is rendered when the user requests the /oauth2/child-registration-not-allowed-complete path. This page is rendered is rendered after a child provides their parent’s email address for parental consent in a Consent workflow.
oauth2CompleteRegistration String: A FreeMarker template that is rendered when the user requests the /oauth2/complete-registration path. This page contains a form that is used for users that have accounts but might be missing required fields.
oauth2Consent String: A FreeMarker template that is rendered when a third party application requests scopes from the user.
oauth2Device String: A FreeMarker template that is rendered when the user requests the /oauth2/device path. This page contains a form for accepting an end user’s short code for the interactive portion of the OAuth Device Authorization Grant workflow.
oauth2DeviceComplete String: A FreeMarker template that is rendered when the user requests the /oauth2/device-complete path. This page contains a complete message indicating the device authentication has completed.
oauth2Error String: This page is used if the user starts or is in the middle of the OAuth workflow and any type of error occurs. This could be caused by the user messing with the URL or internally some type of information wasn’t passed between the OAuth endpoints correctly. For example, if you are federating login to an external IdP and that IdP does not properly echo the state parameter, FusionAuth’s OAuth workflow will break and this page will be displayed.
oauth2Logout String: A FreeMarker template that is rendered when the user requests the /oauth2/logout page. This page is used if the user initiates a logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
oauth2Passwordless String: A FreeMarker template that is rendered when the user requests the /oauth2/passwordless path. This page is rendered when the user starts the passwordless login workflow. The page renders the form where the user types in their email address.
oauth2Register String: A FreeMarker template that is rendered when the user requests the /oauth2/register path. This page is used to register or sign up the user for the application when self-service registration is enabled.
oauth2StartIdpLink String: A FreeMarker template that is rendered when the user requests the /oauth2/start-idp-link path. This page is used if the Identity Provider is configured to have a pending link. The user is presented with the option to link their account with an existing FusionAuth user account.
oauth2TwoFactor String: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor path. This page is used if the user has two-factor authentication enabled and they need to type in their code again. FusionAuth will properly handle the processing on the back end. This page contains the form that the user will put their code into.
oauth2TwoFactorEnable String: A FreeMarker template that contains the OAuth2 two-factor enable form.
oauth2TwoFactorEnableComplete String: A FreeMarker template that contains the OAuth2 two-factor enable complete form.
oauth2TwoFactorMethods String: A FreeMarker template that is rendered when the user requests the /oauth2/two-factor-methods path. This page contains a form providing a user with their configured multi-factor authentication options that they may use to complete the authentication challenge.
oauth2Wait String: A FreeMarker template that is rendered when the user requests the /oauth2/wait path. This page is rendered when FusionAuth is waiting for an external provider to complete an out of band authentication request. For example, during a HYPR login this page will be displayed until the user completes authentication.
oauth2Webauthn String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn path. This page contains a form where a user can enter their loginId (username or email address) to authenticate with one of their registered WebAuthn passkeys. This page uses the WebAuthn bootstrap workflow.
oauth2WebauthnReauth String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth path. This page contains a form that lists the WebAuthn passkeys currently available for re-authentication. A user can select one of the listed passkeys to authenticate using the corresponding passkey and user account.
oauth2WebauthnReauthEnable String: A FreeMarker template that is rendered when the user requests the /oauth2/webauthn-reauth-enable path. This page contains two forms. One allows the user to select one of their existing WebAuthn passkeys to use for re-authentication. The other allows the user to register a new WebAuthn passkey for re-authentication.
passwordChange String: A FreeMarker template that is rendered when the user requests the /password/change path. This page is used if the user is required to change their password or if they have requested a password reset. This page contains the form that allows the user to provide a new password.
passwordComplete String: A FreeMarker template that is rendered when the user requests the /password/complete path. This page is used after the user has successfully updated their password, or reset it. This page should instruct the user that their password was updated and that they need to login again.
passwordForgot String: A FreeMarker template that is rendered when the user requests the /password/forgot path. This page is used when a user starts the forgot password workflow. This page renders the form where the user types in their email address.
passwordSent String: A FreeMarker template that is rendered when the user requests the /password/sent path. This page is used when a user has submitted the forgot password form with their email. FusionAuth does not indicate back to the user if their email address was valid in order to prevent malicious activity that could reveal valid email addresses. Therefore, this page should indicate to the user that if their email was valid, they will receive an email shortly with a link to reset their password.
registrationComplete String: A FreeMarker template that is rendered when the user requests the /registration/complete path. This page is used after a user has verified their email address for a specific application (i.e. a user registration) by clicking the URL in the email. After FusionAuth has updated their registration object to indicate that their email was verified, the browser is redirected to this page.
registrationSend String: A FreeMarker template that is rendered when the user requests the /registration/send page. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
Deprecated: Use registration_sent instead. API endpoint has been migrated from /registration/send to /registration/sent.
registrationSent String: A FreeMarker template that is rendered when the user requests the /registration/sent path. This page is used after a user has asked for the application specific verification email to be resent. This can happen if the URL in the email expired and the user clicked it. In this case, the user can provide their email address again and FusionAuth will resend the email. After the user submits their email and FusionAuth re-sends a verification email to them, the browser is redirected to this page.
registrationVerificationRequired String: A FreeMarker template that is rendered when the user requests the /registration/verification-required path. This page is rendered when a user is required to verify their registration prior to being allowed to proceed with the registration flow. This occurs when Unverified behavior is set to Gated in registration verification settings on the Application.
registrationVerify String: A FreeMarker template that is rendered when the user requests the /registration/verify path. This page is used when a user clicks the URL from the application specific verification email and the verificationId has expired. FusionAuth expires verificationId after a period of time (which is configurable). If the user has a URL from the verification email that has expired, this page will be rendered and the error will be displayed to the user.
samlv2Logout String: A FreeMarker template that is rendered when the user requests the /samlv2/logout path. This page is used if the user initiates a SAML logout. This page causes the user to be logged out of all associated applications via a front-channel mechanism before being redirected.
sourceThemeId String: The optional Id of an existing Theme to make a copy of. If present, the defaultMessages, localizedMessages, templates, and stylesheet from the source Theme will be copied to the new Theme.
stylesheet String: A CSS stylesheet used to style the templates.
unauthorized String: An optional FreeMarker template that contains the unauthorized page.

Package Details

Repository: fusionauth theogravity/pulumi-fusionauth
License: MIT
Notes: This Pulumi package is based on the fusionauth Terraform Provider.

FusionAuth v5.1.0 published on Tuesday, Oct 22, 2024 by Theo Gravity

theogravity/pulumi-fusionauth

fusionauth.FusionAuthTheme

On this page

On this page

# Theme Resource

Example Usage

Create FusionAuthTheme Resource

Constructor syntax

Parameters

Constructor example

FusionAuthTheme Resource Properties

Inputs

Outputs

Look up Existing FusionAuthTheme Resource

Package Details

On this page

On this page