schema.graphql

"""
The input for the `addEmail` mutation
"""
input AddEmailInput {
  """
  The email address to add
  """
  email: String!
  """
  The ID of the user to add the email address to
  """
  userId: ID!
  """
  Skip the email address verification. Only allowed for admins.
  """
  skipVerification: Boolean
  """
  Skip the email address policy check. Only allowed for admins.
  """
  skipPolicyCheck: Boolean
}

"""
The payload of the `addEmail` mutation
"""
type AddEmailPayload {
  """
  Status of the operation
  """
  status: AddEmailStatus!
  """
  The email address that was added
  """
  email: UserEmail
  """
  The user to whom the email address was added
  """
  user: User
  """
  The list of policy violations if the email address was denied
  """
  violations: [String!]
}

"""
The status of the `addEmail` mutation
"""
enum AddEmailStatus {
  """
  The email address was added
  """
  ADDED
  """
  The email address already exists
  """
  EXISTS
  """
  The email address is invalid
  """
  INVALID
  """
  The email address is not allowed by the policy
  """
  DENIED
}

"""
The input for the `addUser` mutation.
"""
input AddUserInput {
  """
  The username of the user to add.
  """
  username: String!
  """
  Skip checking with the homeserver whether the username is valid.

  Use this with caution! The main reason to use this, is when a user used
  by an application service needs to exist in MAS to craft special
  tokens (like with admin access) for them
  """
  skipHomeserverCheck: Boolean
}

"""
The payload for the `addUser` mutation.
"""
type AddUserPayload {
  """
  Status of the operation
  """
  status: AddUserStatus!
  """
  The user that was added.
  """
  user: User
}

"""
The status of the `addUser` mutation.
"""
enum AddUserStatus {
  """
  The user was added.
  """
  ADDED
  """
  The user already exists.
  """
  EXISTS
  """
  The username is reserved.
  """
  RESERVED
  """
  The username is invalid.
  """
  INVALID
}

"""
The input for the `allowUserCrossSigningReset` mutation.
"""
input AllowUserCrossSigningResetInput {
  """
  The ID of the user to update.
  """
  userId: ID!
}

"""
The payload for the `allowUserCrossSigningReset` mutation.
"""
type AllowUserCrossSigningResetPayload {
  """
  The user that was updated.
  """
  user: User
}

type Anonymous implements Node {
  id: ID!
}

"""
A session in an application, either a compatibility or an OAuth 2.0 one
"""
union AppSession = CompatSession | Oauth2Session

type AppSessionConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [AppSessionEdge!]!
  """
  A list of nodes.
  """
  nodes: [AppSession!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type AppSessionEdge {
  """
  The item at the end of the edge
  """
  node: AppSession!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

"""
An authentication records when a user enter their credential in a browser
session.
"""
type Authentication implements Node & CreationEvent {
  """
  ID of the object.
  """
  id: ID!
  """
  When the object was created.
  """
  createdAt: DateTime!
}

"""
A browser session represents a logged in user in a browser.
"""
type BrowserSession implements Node & CreationEvent {
  """
  ID of the object.
  """
  id: ID!
  """
  The user logged in this session.
  """
  user: User!
  """
  The most recent authentication of this session.
  """
  lastAuthentication: Authentication
  """
  When the object was created.
  """
  createdAt: DateTime!
  """
  When the session was finished.
  """
  finishedAt: DateTime
  """
  The state of the session.
  """
  state: SessionState!
  """
  The user-agent with which the session was created.
  """
  userAgent: UserAgent
  """
  The last IP address used by the session.
  """
  lastActiveIp: String
  """
  The last time the session was active.
  """
  lastActiveAt: DateTime
  """
  Get the list of both compat and OAuth 2.0 sessions started by this
  browser session, chronologically sorted
  """
  appSessions(
    """
    List only sessions in the given state.
    """
    state: SessionState
    """
    List only sessions for the given device.
    """
    device: String
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): AppSessionConnection!
}

type BrowserSessionConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [BrowserSessionEdge!]!
  """
  A list of nodes.
  """
  nodes: [BrowserSession!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type BrowserSessionEdge {
  """
  The item at the end of the edge
  """
  node: BrowserSession!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

type CaptchaConfig {
  """
  Which Captcha service is being used
  """
  service: CaptchaService!
  """
  The site key used by the instance
  """
  siteKey: String!
  id: ID!
}

"""
Which Captcha service is being used
"""
enum CaptchaService {
  RECAPTCHA_V2
  CLOUDFLARE_TURNSTILE
  H_CAPTCHA
}

"""
A compat session represents a client session which used the legacy Matrix
login API.
"""
type CompatSession implements Node & CreationEvent {
  """
  ID of the object.
  """
  id: ID!
  """
  The user authorized for this session.
  """
  user: User!
  """
  The Matrix Device ID of this session.
  """
  deviceId: String!
  """
  When the object was created.
  """
  createdAt: DateTime!
  """
  When the session ended.
  """
  finishedAt: DateTime
  """
  The user-agent with which the session was created.
  """
  userAgent: UserAgent
  """
  The associated SSO login, if any.
  """
  ssoLogin: CompatSsoLogin
  """
  The browser session which started this session, if any.
  """
  browserSession: BrowserSession
  """
  The state of the session.
  """
  state: SessionState!
  """
  The last IP address used by the session.
  """
  lastActiveIp: String
  """
  The last time the session was active.
  """
  lastActiveAt: DateTime
}

type CompatSessionConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [CompatSessionEdge!]!
  """
  A list of nodes.
  """
  nodes: [CompatSession!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type CompatSessionEdge {
  """
  The item at the end of the edge
  """
  node: CompatSession!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

"""
The type of a compatibility session.
"""
enum CompatSessionType {
  """
  The session was created by a SSO login.
  """
  SSO_LOGIN
  """
  The session was created by an unknown method.
  """
  UNKNOWN
}

"""
A compat SSO login represents a login done through the legacy Matrix login
API, via the `m.login.sso` login method.
"""
type CompatSsoLogin implements Node {
  """
  ID of the object.
  """
  id: ID!
  """
  When the object was created.
  """
  createdAt: DateTime!
  """
  The redirect URI used during the login.
  """
  redirectUri: Url!
  """
  When the login was fulfilled, and the user was redirected back to the
  client.
  """
  fulfilledAt: DateTime
  """
  When the client exchanged the login token sent during the redirection.
  """
  exchangedAt: DateTime
  """
  The compat session which was started by this login.
  """
  session: CompatSession
}

type CompatSsoLoginConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [CompatSsoLoginEdge!]!
  """
  A list of nodes.
  """
  nodes: [CompatSsoLogin!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type CompatSsoLoginEdge {
  """
  The item at the end of the edge
  """
  node: CompatSsoLogin!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

"""
The input of the `createOauth2Session` mutation.
"""
input CreateOAuth2SessionInput {
  """
  The scope of the session
  """
  scope: String!
  """
  The ID of the user for which to create the session
  """
  userId: ID!
  """
  Whether the session should issue a never-expiring access token
  """
  permanent: Boolean
}

"""
The payload of the `createOauth2Session` mutation.
"""
type CreateOAuth2SessionPayload {
  """
  Access token for this session
  """
  accessToken: String!
  """
  Refresh token for this session, if it is not a permanent session
  """
  refreshToken: String
  """
  The OAuth 2.0 session which was just created
  """
  oauth2Session: Oauth2Session!
}

"""
An object with a creation date.
"""
interface CreationEvent {
  """
  When the object was created.
  """
  createdAt: DateTime!
}

"""
A filter for dates, with a lower bound and an upper bound
"""
input DateFilter {
  """
  The lower bound of the date range
  """
  after: DateTime
  """
  The upper bound of the date range
  """
  before: DateTime
}

"""
Implement the DateTime<Utc> scalar

The input/output is a string in RFC3339 format.
"""
scalar DateTime

"""
The type of a user agent
"""
enum DeviceType {
  """
  A personal computer, laptop or desktop
  """
  PC
  """
  A mobile phone. Can also sometimes be a tablet.
  """
  MOBILE
  """
  A tablet
  """
  TABLET
  """
  Unknown device type
  """
  UNKNOWN
}

"""
The input of the `endBrowserSession` mutation.
"""
input EndBrowserSessionInput {
  """
  The ID of the session to end.
  """
  browserSessionId: ID!
}

type EndBrowserSessionPayload {
  """
  The status of the mutation.
  """
  status: EndBrowserSessionStatus!
  """
  Returns the ended session.
  """
  browserSession: BrowserSession
}

"""
The status of the `endBrowserSession` mutation.
"""
enum EndBrowserSessionStatus {
  """
  The session was ended.
  """
  ENDED
  """
  The session was not found.
  """
  NOT_FOUND
}

"""
The input of the `endCompatSession` mutation.
"""
input EndCompatSessionInput {
  """
  The ID of the session to end.
  """
  compatSessionId: ID!
}

type EndCompatSessionPayload {
  """
  The status of the mutation.
  """
  status: EndCompatSessionStatus!
  """
  Returns the ended session.
  """
  compatSession: CompatSession
}

"""
The status of the `endCompatSession` mutation.
"""
enum EndCompatSessionStatus {
  """
  The session was ended.
  """
  ENDED
  """
  The session was not found.
  """
  NOT_FOUND
}

"""
The input of the `endOauth2Session` mutation.
"""
input EndOAuth2SessionInput {
  """
  The ID of the session to end.
  """
  oauth2SessionId: ID!
}

type EndOAuth2SessionPayload {
  """
  The status of the mutation.
  """
  status: EndOAuth2SessionStatus!
  """
  Returns the ended session.
  """
  oauth2Session: Oauth2Session
}

"""
The status of the `endOauth2Session` mutation.
"""
enum EndOAuth2SessionStatus {
  """
  The session was ended.
  """
  ENDED
  """
  The session was not found.
  """
  NOT_FOUND
}

"""
The input for the `lockUser` mutation.
"""
input LockUserInput {
  """
  The ID of the user to lock.
  """
  userId: ID!
  """
  Permanently lock the user.
  """
  deactivate: Boolean
}

"""
The payload for the `lockUser` mutation.
"""
type LockUserPayload {
  """
  Status of the operation
  """
  status: LockUserStatus!
  """
  The user that was locked.
  """
  user: User
}

"""
The status of the `lockUser` mutation.
"""
enum LockUserStatus {
  """
  The user was locked.
  """
  LOCKED
  """
  The user was not found.
  """
  NOT_FOUND
}

type MatrixUser {
  """
  The Matrix ID of the user.
  """
  mxid: String!
  """
  The display name of the user, if any.
  """
  displayName: String
  """
  The avatar URL of the user, if any.
  """
  avatarUrl: String
  """
  Whether the user is deactivated on the homeserver.
  """
  deactivated: Boolean!
}

"""
The mutations root of the GraphQL interface.
"""
type Mutation {
  """
  Add an email address to the specified user
  """
  addEmail(input: AddEmailInput!): AddEmailPayload!
  """
  Send a verification code for an email address
  """
  sendVerificationEmail(
    input: SendVerificationEmailInput!
  ): SendVerificationEmailPayload!
  """
  Submit a verification code for an email address
  """
  verifyEmail(input: VerifyEmailInput!): VerifyEmailPayload!
  """
  Remove an email address
  """
  removeEmail(input: RemoveEmailInput!): RemoveEmailPayload!
  """
  Set an email address as primary
  """
  setPrimaryEmail(input: SetPrimaryEmailInput!): SetPrimaryEmailPayload!
  """
  Add a user. This is only available to administrators.
  """
  addUser(input: AddUserInput!): AddUserPayload!
  """
  Lock a user. This is only available to administrators.
  """
  lockUser(input: LockUserInput!): LockUserPayload!
  """
  Unlock a user. This is only available to administrators.
  """
  unlockUser(input: UnlockUserInput!): UnlockUserPayload!
  """
  Set whether a user can request admin. This is only available to
  administrators.
  """
  setCanRequestAdmin(
    input: SetCanRequestAdminInput!
  ): SetCanRequestAdminPayload!
  """
  Temporarily allow user to reset their cross-signing keys.
  """
  allowUserCrossSigningReset(
    input: AllowUserCrossSigningResetInput!
  ): AllowUserCrossSigningResetPayload!
  """
  Set the password for a user.

  This can be used by server administrators to set any user's password,
  or, provided the capability hasn't been disabled on this server,
  by a user to change their own password as long as they know their
  current password.
  """
  setPassword(input: SetPasswordInput!): SetPasswordPayload!
  """
  Set the password for yourself, using a recovery ticket sent by e-mail.
  """
  setPasswordByRecovery(input: SetPasswordByRecoveryInput!): SetPasswordPayload!
  """
  Create a new arbitrary OAuth 2.0 Session.

  Only available for administrators.
  """
  createOauth2Session(
    input: CreateOAuth2SessionInput!
  ): CreateOAuth2SessionPayload!
  endOauth2Session(input: EndOAuth2SessionInput!): EndOAuth2SessionPayload!
  endCompatSession(input: EndCompatSessionInput!): EndCompatSessionPayload!
  endBrowserSession(input: EndBrowserSessionInput!): EndBrowserSessionPayload!
  """
  Set the display name of a user
  """
  setDisplayName(input: SetDisplayNameInput!): SetDisplayNamePayload!
}

"""
An object with an ID.
"""
interface Node {
  """
  ID of the object.
  """
  id: ID!
}

"""
The application type advertised by the client.
"""
enum Oauth2ApplicationType {
  """
  Client is a web application.
  """
  WEB
  """
  Client is a native application.
  """
  NATIVE
}

"""
An OAuth 2.0 client
"""
type Oauth2Client implements Node {
  """
  ID of the object.
  """
  id: ID!
  """
  OAuth 2.0 client ID
  """
  clientId: String!
  """
  Client name advertised by the client.
  """
  clientName: String
  """
  Client URI advertised by the client.
  """
  clientUri: Url
  """
  Logo URI advertised by the client.
  """
  logoUri: Url
  """
  Terms of services URI advertised by the client.
  """
  tosUri: Url
  """
  Privacy policy URI advertised by the client.
  """
  policyUri: Url
  """
  List of redirect URIs used for authorization grants by the client.
  """
  redirectUris: [Url!]!
  """
  The application type advertised by the client.
  """
  applicationType: Oauth2ApplicationType
}

"""
An OAuth 2.0 session represents a client session which used the OAuth APIs
to login.
"""
type Oauth2Session implements Node & CreationEvent {
  """
  ID of the object.
  """
  id: ID!
  """
  OAuth 2.0 client used by this session.
  """
  client: Oauth2Client!
  """
  Scope granted for this session.
  """
  scope: String!
  """
  When the object was created.
  """
  createdAt: DateTime!
  """
  When the session ended.
  """
  finishedAt: DateTime
  """
  The user-agent with which the session was created.
  """
  userAgent: UserAgent
  """
  The state of the session.
  """
  state: SessionState!
  """
  The browser session which started this OAuth 2.0 session.
  """
  browserSession: BrowserSession
  """
  User authorized for this session.
  """
  user: User
  """
  The last IP address used by the session.
  """
  lastActiveIp: String
  """
  The last time the session was active.
  """
  lastActiveAt: DateTime
}

type Oauth2SessionConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [Oauth2SessionEdge!]!
  """
  A list of nodes.
  """
  nodes: [Oauth2Session!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type Oauth2SessionEdge {
  """
  The item at the end of the edge
  """
  node: Oauth2Session!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

"""
Information about pagination in a connection
"""
type PageInfo {
  """
  When paginating backwards, are there more items?
  """
  hasPreviousPage: Boolean!
  """
  When paginating forwards, are there more items?
  """
  hasNextPage: Boolean!
  """
  When paginating backwards, the cursor to continue.
  """
  startCursor: String
  """
  When paginating forwards, the cursor to continue.
  """
  endCursor: String
}

"""
The query root of the GraphQL interface.
"""
type Query {
  """
  Get the current logged in browser session
  """
  currentBrowserSession: BrowserSession
    @deprecated(reason: "Use `viewerSession` instead.")
  """
  Get the current logged in user
  """
  currentUser: User @deprecated(reason: "Use `viewer` instead.")
  """
  Fetch an OAuth 2.0 client by its ID.
  """
  oauth2Client(id: ID!): Oauth2Client
  """
  Fetch a browser session by its ID.
  """
  browserSession(id: ID!): BrowserSession
  """
  Fetch a compatible session by its ID.
  """
  compatSession(id: ID!): CompatSession
  """
  Fetch an OAuth 2.0 session by its ID.
  """
  oauth2Session(id: ID!): Oauth2Session
  """
  Fetch a user email by its ID.
  """
  userEmail(id: ID!): UserEmail
  """
  Fetches an object given its ID.
  """
  node(id: ID!): Node
  """
  Get the current site configuration
  """
  siteConfig: SiteConfig!
  """
  Fetch a user by its ID.
  """
  user(id: ID!): User
  """
  Fetch a user by its username.
  """
  userByUsername(username: String!): User
  """
  Get a list of users.

  This is only available to administrators.
  """
  users(
    """
    List only users with the given state.
    """
    state: UserState
    """
    List only users with the given 'canRequestAdmin' value
    """
    canRequestAdmin: Boolean
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): UserConnection!
  """
  Fetch an upstream OAuth 2.0 link by its ID.
  """
  upstreamOauth2Link(id: ID!): UpstreamOAuth2Link
  """
  Fetch an upstream OAuth 2.0 provider by its ID.
  """
  upstreamOauth2Provider(id: ID!): UpstreamOAuth2Provider
  """
  Get a list of upstream OAuth 2.0 providers.
  """
  upstreamOauth2Providers(
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): UpstreamOAuth2ProviderConnection!
  """
  Lookup a compat or OAuth 2.0 session
  """
  session(userId: ID!, deviceId: String!): Session
  """
  Get the viewer
  """
  viewer: Viewer!
  """
  Get the viewer's session
  """
  viewerSession: ViewerSession!
}

"""
The input for the `removeEmail` mutation
"""
input RemoveEmailInput {
  """
  The ID of the email address to remove
  """
  userEmailId: ID!
}

"""
The payload of the `removeEmail` mutation
"""
type RemoveEmailPayload {
  """
  Status of the operation
  """
  status: RemoveEmailStatus!
  """
  The email address that was removed
  """
  email: UserEmail
  """
  The user to whom the email address belonged
  """
  user: User
}

"""
The status of the `removeEmail` mutation
"""
enum RemoveEmailStatus {
  """
  The email address was removed
  """
  REMOVED
  """
  Can't remove the primary email address
  """
  PRIMARY
  """
  The email address was not found
  """
  NOT_FOUND
}

"""
The input for the `sendVerificationEmail` mutation
"""
input SendVerificationEmailInput {
  """
  The ID of the email address to verify
  """
  userEmailId: ID!
}

"""
The payload of the `sendVerificationEmail` mutation
"""
type SendVerificationEmailPayload {
  """
  Status of the operation
  """
  status: SendVerificationEmailStatus!
  """
  The email address to which the verification email was sent
  """
  email: UserEmail!
  """
  The user to whom the email address belongs
  """
  user: User!
}

"""
The status of the `sendVerificationEmail` mutation
"""
enum SendVerificationEmailStatus {
  """
  The verification email was sent
  """
  SENT
  """
  The email address is already verified
  """
  ALREADY_VERIFIED
}

"""
A client session, either compat or OAuth 2.0
"""
union Session = CompatSession | Oauth2Session

"""
The state of a session
"""
enum SessionState {
  """
  The session is active.
  """
  ACTIVE
  """
  The session is no longer active.
  """
  FINISHED
}

"""
The input for the `setCanRequestAdmin` mutation.
"""
input SetCanRequestAdminInput {
  """
  The ID of the user to update.
  """
  userId: ID!
  """
  Whether the user can request admin.
  """
  canRequestAdmin: Boolean!
}

"""
The payload for the `setCanRequestAdmin` mutation.
"""
type SetCanRequestAdminPayload {
  """
  The user that was updated.
  """
  user: User
}

"""
The input for the `addEmail` mutation
"""
input SetDisplayNameInput {
  """
  The ID of the user to add the email address to
  """
  userId: ID!
  """
  The display name to set. If `None`, the display name will be removed.
  """
  displayName: String
}

"""
The payload of the `setDisplayName` mutation
"""
type SetDisplayNamePayload {
  """
  Status of the operation
  """
  status: SetDisplayNameStatus!
  """
  The user that was updated
  """
  user: User
}

"""
The status of the `setDisplayName` mutation
"""
enum SetDisplayNameStatus {
  """
  The display name was set
  """
  SET
  """
  The display name is invalid
  """
  INVALID
}

"""
The input for the `setPasswordByRecovery` mutation.
"""
input SetPasswordByRecoveryInput {
  """
  The recovery ticket to use.
  This identifies the user as well as proving authorisation to perform the
  recovery operation.
  """
  ticket: String!
  """
  The new password for the user.
  """
  newPassword: String!
}

"""
The input for the `setPassword` mutation.
"""
input SetPasswordInput {
  """
  The ID of the user to set the password for.
  If you are not a server administrator then this must be your own user
  ID.
  """
  userId: ID!
  """
  The current password of the user.
  Required if you are not a server administrator.
  """
  currentPassword: String
  """
  The new password for the user.
  """
  newPassword: String!
}

"""
The return type for the `setPassword` mutation.
"""
type SetPasswordPayload {
  """
  Status of the operation
  """
  status: SetPasswordStatus!
}

"""
The status of the `setPassword` mutation.
"""
enum SetPasswordStatus {
  """
  The password was updated.
  """
  ALLOWED
  """
  The user was not found.
  """
  NOT_FOUND
  """
  The user doesn't have a current password to attempt to match against.
  """
  NO_CURRENT_PASSWORD
  """
  The supplied current password was wrong.
  """
  WRONG_PASSWORD
  """
  The new password is invalid. For example, it may not meet configured
  security requirements.
  """
  INVALID_NEW_PASSWORD
  """
  You aren't allowed to set the password for that user.
  This happens if you aren't setting your own password and you aren't a
  server administrator.
  """
  NOT_ALLOWED
  """
  Password support has been disabled.
  This usually means that login is handled by an upstream identity
  provider.
  """
  PASSWORD_CHANGES_DISABLED
  """
  The specified recovery ticket does not exist.
  """
  NO_SUCH_RECOVERY_TICKET
  """
  The specified recovery ticket has already been used and cannot be used
  again.
  """
  RECOVERY_TICKET_ALREADY_USED
  """
  The specified recovery ticket has expired.
  """
  EXPIRED_RECOVERY_TICKET
  """
  Your account is locked and you can't change its password.
  """
  ACCOUNT_LOCKED
}

"""
The input for the `setPrimaryEmail` mutation
"""
input SetPrimaryEmailInput {
  """
  The ID of the email address to set as primary
  """
  userEmailId: ID!
}

"""
The payload of the `setPrimaryEmail` mutation
"""
type SetPrimaryEmailPayload {
  status: SetPrimaryEmailStatus!
  """
  The user to whom the email address belongs
  """
  user: User
}

"""
The status of the `setPrimaryEmail` mutation
"""
enum SetPrimaryEmailStatus {
  """
  The email address was set as primary
  """
  SET
  """
  The email address was not found
  """
  NOT_FOUND
  """
  Can't make an unverified email address primary
  """
  UNVERIFIED
}

type SiteConfig implements Node {
  """
  The configuration of CAPTCHA provider.
  """
  captchaConfig: CaptchaConfig
  """
  The server name of the homeserver.
  """
  serverName: String!
  """
  The URL to the privacy policy.
  """
  policyUri: Url
  """
  The URL to the terms of service.
  """
  tosUri: Url
  """
  Imprint to show in the footer.
  """
  imprint: String
  """
  Whether users can change their email.
  """
  emailChangeAllowed: Boolean!
  """
  Whether users can change their display name.
  """
  displayNameChangeAllowed: Boolean!
  """
  Whether passwords are enabled for login.
  """
  passwordLoginEnabled: Boolean!
  """
  Whether passwords are enabled and users can change their own passwords.
  """
  passwordChangeAllowed: Boolean!
  """
  Whether passwords are enabled and users can register using a password.
  """
  passwordRegistrationEnabled: Boolean!
  """
  Minimum password complexity, from 0 to 4, in terms of a zxcvbn score.
  The exact scorer (including dictionaries and other data tables)
  in use is <https://crates.io/crates/zxcvbn>.
  """
  minimumPasswordComplexity: Int!
  """
  The ID of the site configuration.
  """
  id: ID!
}

"""
The input for the `unlockUser` mutation.
"""
input UnlockUserInput {
  """
  The ID of the user to unlock
  """
  userId: ID!
}

"""
The payload for the `unlockUser` mutation.
"""
type UnlockUserPayload {
  """
  Status of the operation
  """
  status: UnlockUserStatus!
  """
  The user that was unlocked.
  """
  user: User
}

"""
The status of the `unlockUser` mutation.
"""
enum UnlockUserStatus {
  """
  The user was unlocked.
  """
  UNLOCKED
  """
  The user was not found.
  """
  NOT_FOUND
}

type UpstreamOAuth2Link implements Node & CreationEvent {
  """
  ID of the object.
  """
  id: ID!
  """
  When the object was created.
  """
  createdAt: DateTime!
  """
  Subject used for linking
  """
  subject: String!
  """
  The provider for which this link is.
  """
  provider: UpstreamOAuth2Provider!
  """
  The user to which this link is associated.
  """
  user: User
}

type UpstreamOAuth2LinkConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [UpstreamOAuth2LinkEdge!]!
  """
  A list of nodes.
  """
  nodes: [UpstreamOAuth2Link!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type UpstreamOAuth2LinkEdge {
  """
  The item at the end of the edge
  """
  node: UpstreamOAuth2Link!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

type UpstreamOAuth2Provider implements Node & CreationEvent {
  """
  ID of the object.
  """
  id: ID!
  """
  When the object was created.
  """
  createdAt: DateTime!
  """
  OpenID Connect issuer URL.
  """
  issuer: String!
  """
  Client ID used for this provider.
  """
  clientId: String!
}

type UpstreamOAuth2ProviderConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [UpstreamOAuth2ProviderEdge!]!
  """
  A list of nodes.
  """
  nodes: [UpstreamOAuth2Provider!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type UpstreamOAuth2ProviderEdge {
  """
  The item at the end of the edge
  """
  node: UpstreamOAuth2Provider!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

"""
URL is a String implementing the [URL Standard](http://url.spec.whatwg.org/)
"""
scalar Url

"""
A user is an individual's account.
"""
type User implements Node {
  """
  ID of the object.
  """
  id: ID!
  """
  Username chosen by the user.
  """
  username: String!
  """
  When the object was created.
  """
  createdAt: DateTime!
  """
  When the user was locked out.
  """
  lockedAt: DateTime
  """
  Whether the user can request admin privileges.
  """
  canRequestAdmin: Boolean!
  """
  Access to the user's Matrix account information.
  """
  matrix: MatrixUser!
  """
  Primary email address of the user.
  """
  primaryEmail: UserEmail
  """
  Get the list of compatibility SSO logins, chronologically sorted
  """
  compatSsoLogins(
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): CompatSsoLoginConnection!
  """
  Get the list of compatibility sessions, chronologically sorted
  """
  compatSessions(
    """
    List only sessions with the given state.
    """
    state: SessionState
    """
    List only sessions with the given type.
    """
    type: CompatSessionType
    """
    List only sessions with a last active time is between the given bounds.
    """
    lastActive: DateFilter
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): CompatSessionConnection!
  """
  Get the list of active browser sessions, chronologically sorted
  """
  browserSessions(
    """
    List only sessions in the given state.
    """
    state: SessionState
    """
    List only sessions with a last active time is between the given bounds.
    """
    lastActive: DateFilter
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): BrowserSessionConnection!
  """
  Get the list of emails, chronologically sorted
  """
  emails(
    """
    List only emails in the given state.
    """
    state: UserEmailState
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): UserEmailConnection!
  """
  Get the list of OAuth 2.0 sessions, chronologically sorted
  """
  oauth2Sessions(
    """
    List only sessions in the given state.
    """
    state: SessionState
    """
    List only sessions for the given client.
    """
    client: ID
    """
    List only sessions with a last active time is between the given bounds.
    """
    lastActive: DateFilter
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): Oauth2SessionConnection!
  """
  Get the list of upstream OAuth 2.0 links
  """
  upstreamOauth2Links(
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): UpstreamOAuth2LinkConnection!
  """
  Get the list of both compat and OAuth 2.0 sessions, chronologically
  sorted
  """
  appSessions(
    """
    List only sessions in the given state.
    """
    state: SessionState
    """
    List only sessions for the given device.
    """
    device: String
    """
    List only sessions with a last active time is between the given bounds.
    """
    lastActive: DateFilter
    """
    List only sessions for the given session.
    """
    browserSession: ID
    """
    Returns the elements in the list that come after the cursor.
    """
    after: String
    """
    Returns the elements in the list that come before the cursor.
    """
    before: String
    """
    Returns the first *n* elements from the list.
    """
    first: Int
    """
    Returns the last *n* elements from the list.
    """
    last: Int
  ): AppSessionConnection!
}

"""
A parsed user agent string
"""
type UserAgent {
  """
  The user agent string
  """
  raw: String!
  """
  The name of the browser
  """
  name: String
  """
  The version of the browser
  """
  version: String
  """
  The operating system name
  """
  os: String
  """
  The operating system version
  """
  osVersion: String
  """
  The device model
  """
  model: String
  """
  The device type
  """
  deviceType: DeviceType!
}

type UserConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [UserEdge!]!
  """
  A list of nodes.
  """
  nodes: [User!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type UserEdge {
  """
  The item at the end of the edge
  """
  node: User!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

"""
A user email address
"""
type UserEmail implements Node & CreationEvent {
  """
  ID of the object.
  """
  id: ID!
  """
  Email address
  """
  email: String!
  """
  When the object was created.
  """
  createdAt: DateTime!
  """
  When the email address was confirmed. Is `null` if the email was never
  verified by the user.
  """
  confirmedAt: DateTime
}

type UserEmailConnection {
  """
  Information to aid in pagination.
  """
  pageInfo: PageInfo!
  """
  A list of edges.
  """
  edges: [UserEmailEdge!]!
  """
  A list of nodes.
  """
  nodes: [UserEmail!]!
  """
  Identifies the total count of items in the connection.
  """
  totalCount: Int!
}

"""
An edge in a connection.
"""
type UserEmailEdge {
  """
  The item at the end of the edge
  """
  node: UserEmail!
  """
  A cursor for use in pagination
  """
  cursor: String!
}

"""
The state of a compatibility session.
"""
enum UserEmailState {
  """
  The email address is pending confirmation.
  """
  PENDING
  """
  The email address has been confirmed.
  """
  CONFIRMED
}

"""
The state of a user.
"""
enum UserState {
  """
  The user is active.
  """
  ACTIVE
  """
  The user is locked.
  """
  LOCKED
}

"""
The input for the `verifyEmail` mutation
"""
input VerifyEmailInput {
  """
  The ID of the email address to verify
  """
  userEmailId: ID!
  """
  The verification code
  """
  code: String!
}

"""
The payload of the `verifyEmail` mutation
"""
type VerifyEmailPayload {
  """
  Status of the operation
  """
  status: VerifyEmailStatus!
  """
  The email address that was verified
  """
  email: UserEmail
  """
  The user to whom the email address belongs
  """
  user: User
}

"""
The status of the `verifyEmail` mutation
"""
enum VerifyEmailStatus {
  """
  The email address was just verified
  """
  VERIFIED
  """
  The email address was already verified before
  """
  ALREADY_VERIFIED
  """
  The verification code is invalid
  """
  INVALID_CODE
}

"""
Represents the current viewer
"""
union Viewer = User | Anonymous

"""
Represents the current viewer's session
"""
union ViewerSession = BrowserSession | Oauth2Session | Anonymous

directive @deprecated(
  reason: String = "No longer supported"
) on FIELD_DEFINITION | ARGUMENT_DEFINITION | INPUT_FIELD_DEFINITION | ENUM_VALUE
directive @include(if: Boolean!) on FIELD | FRAGMENT_SPREAD | INLINE_FRAGMENT
directive @skip(if: Boolean!) on FIELD | FRAGMENT_SPREAD | INLINE_FRAGMENT
directive @specifiedBy(url: String!) on SCALAR
schema {
  query: Query
  mutation: Mutation
}