From 0aa4a5958b2fa57ccfd050f111f5d79bd4f2c2fb Mon Sep 17 00:00:00 2001 From: "A. Craig West" Date: Wed, 18 Dec 2024 16:52:26 -0500 Subject: [PATCH] Custom email provider implementation --- src/deprecations.ts | 9 +- src/management/__generated/index.ts | 2 - .../__generated/managers/actions-manager.ts | 37 +- .../__generated/managers/anomaly-manager.ts | 4 +- .../managers/attack-protection-manager.ts | 18 +- .../managers/blacklists-manager.ts | 67 - .../__generated/managers/branding-manager.ts | 403 ++ .../managers/client-grants-manager.ts | 80 +- .../__generated/managers/clients-manager.ts | 9 +- .../managers/connections-manager.ts | 33 +- .../managers/custom-domains-manager.ts | 5 +- .../managers/device-credentials-manager.ts | 12 +- .../managers/email-templates-manager.ts | 2 +- .../__generated/managers/emails-manager.ts | 98 +- .../__generated/managers/guardian-manager.ts | 279 +- src/management/__generated/managers/index.ts | 1 - .../__generated/managers/jobs-manager.ts | 2 +- .../__generated/managers/keys-manager.ts | 198 + .../managers/log-streams-manager.ts | 50 +- .../managers/organizations-manager.ts | 160 +- .../__generated/managers/prompts-manager.ts | 40 +- .../managers/resource-servers-manager.ts | 8 +- .../__generated/managers/roles-manager.ts | 45 +- .../__generated/managers/sessions-manager.ts | 27 + .../__generated/managers/tickets-manager.ts | 8 +- .../managers/user-blocks-manager.ts | 14 +- .../managers/users-by-email-manager.ts | 6 +- .../__generated/managers/users-manager.ts | 104 +- src/management/__generated/models/index.ts | 3275 +++++++++++++---- 29 files changed, 4004 insertions(+), 992 deletions(-) delete mode 100644 src/management/__generated/managers/blacklists-manager.ts diff --git a/src/deprecations.ts b/src/deprecations.ts index d18686f08..f6d55ba7a 100644 --- a/src/deprecations.ts +++ b/src/deprecations.ts @@ -7,7 +7,6 @@ import { EmailProviderUpdateCredentials, ClientCreateOidcLogout, ClientOidcLogout, - ClientUpdateOidcLogout, PostOrganizations201ResponseEnabledConnectionsInnerConnection, } from './management/__generated/models/index.js'; @@ -40,9 +39,13 @@ export type ClientCreateOidcBackchannelLogout = ClientCreateOidcLogout; */ export type ClientOidcBackchannelLogout = ClientOidcLogout; /** - * @deprecated Use {@link ClientUpdateOidcLogout} instead. + * @deprecated Use {@link ClientCreateOidcLogout} instead. + */ +export type ClientUpdateOidcBackchannelLogout = ClientCreateOidcLogout; +/** + * @deprecated Use {@link ClientCreateOidcLogout} instead. */ -export type ClientUpdateOidcBackchannelLogout = ClientUpdateOidcLogout; +export type ClientUpdateOidcLogout = ClientCreateOidcLogout; /** * @deprecated use {@link PostOrganizations201ResponseEnabledConnectionsInnerConnection} instead. */ diff --git a/src/management/__generated/index.ts b/src/management/__generated/index.ts index ffa6462e2..e0669c075 100644 --- a/src/management/__generated/index.ts +++ b/src/management/__generated/index.ts @@ -5,7 +5,6 @@ import { ActionsManager, AnomalyManager, AttackProtectionManager, - BlacklistsManager, BrandingManager, ClientGrantsManager, ClientsManager, @@ -46,7 +45,6 @@ export abstract class ManagementClientBase { public readonly actions = new ActionsManager(this.configuration); public readonly anomaly = new AnomalyManager(this.configuration); public readonly attackProtection = new AttackProtectionManager(this.configuration); - public readonly blacklists = new BlacklistsManager(this.configuration); public readonly branding = new BrandingManager(this.configuration); public readonly clientGrants = new ClientGrantsManager(this.configuration); public readonly clients = new ClientsManager(this.configuration); diff --git a/src/management/__generated/managers/actions-manager.ts b/src/management/__generated/managers/actions-manager.ts index 4d83780e1..6d6333663 100644 --- a/src/management/__generated/managers/actions-manager.ts +++ b/src/management/__generated/managers/actions-manager.ts @@ -36,8 +36,7 @@ const { BaseAPI } = runtime; */ export class ActionsManager extends BaseAPI { /** - * Deletes an action and all of its associated versions. An action must be unbound from all triggers - * before it can be deleted. + * Deletes an action and all of its associated versions. An action must be unbound from all triggers before it can be deleted. * * Delete an action * @@ -99,8 +98,7 @@ export class ActionsManager extends BaseAPI { } /** - * Retrieve a specific version of an action. An action version is created whenever - * an action is deployed. An action version is immutable, once created. + * Retrieve a specific version of an action. An action version is created whenever an action is deployed. An action version is immutable, once created. * * Get a specific version of an action * @@ -126,8 +124,7 @@ export class ActionsManager extends BaseAPI { } /** - * Retrieve all of an action's versions. An action version is created whenever - * an action is deployed. An action version is immutable, once created. + * Retrieve all of an action's versions. An action version is created whenever an action is deployed. An action version is immutable, once created. * * Get an action's versions * @@ -216,9 +213,7 @@ export class ActionsManager extends BaseAPI { } /** - * Retrieve the actions that are bound to a trigger. Once an action is created and deployed, it must be - * attached (i.e. bound) to a trigger so that it will be executed as part of a flow. The list of actions returned - * reflects the order in which they will be executed during the appropriate flow. + * Retrieve the actions that are bound to a trigger. Once an action is created and deployed, it must be attached (i.e. bound) to a trigger so that it will be executed as part of a flow. The list of actions returned reflects the order in which they will be executed during the appropriate flow. * * Get trigger bindings * @@ -257,8 +252,7 @@ export class ActionsManager extends BaseAPI { } /** - * Retrieve information about a specific execution of a trigger. Relevant execution IDs will be included in tenant logs - * generated as part of that authentication flow. Executions will only be stored for 10 days after their creation. + * Retrieve information about a specific execution of a trigger. Relevant execution IDs will be included in tenant logs generated as part of that authentication flow. Executions will only be stored for 10 days after their creation. * * Get an execution * @@ -285,8 +279,7 @@ export class ActionsManager extends BaseAPI { } /** - * Retrieve the set of triggers currently available within actions. A trigger is an extensibility point to which actions - * can be bound. + * Retrieve the set of triggers currently available within actions. A trigger is an extensibility point to which actions can be bound. * * Get triggers * @@ -305,8 +298,7 @@ export class ActionsManager extends BaseAPI { } /** - * Update an existing action. If this action is currently bound to a trigger, updating it will not affect - * any user flows until the action is deployed. + * Update an existing action. If this action is currently bound to a trigger, updating it will not affect any user flows until the action is deployed. * * Update an action * @@ -340,10 +332,7 @@ export class ActionsManager extends BaseAPI { } /** - * Update the actions that are bound (i.e. attached) to a trigger. Once an action is created and deployed, it must be - * attached (i.e. bound) to a trigger so that it will be executed as part of a flow. The order in which the actions are - * provided will determine the order in which they are executed. - * + * Update the actions that are bound (i.e. attached) to a trigger. Once an action is created and deployed, it must be attached (i.e. bound) to a trigger so that it will be executed as part of a flow. The order in which the actions are provided will determine the order in which they are executed. * Update trigger bindings * * @throws {RequiredError} @@ -376,8 +365,7 @@ export class ActionsManager extends BaseAPI { } /** - * Create an action. Once an action is created, it must be deployed, and then - * bound to a trigger before it will be executed as part of a flow. + * Create an action. Once an action is created, it must be deployed, and then bound to a trigger before it will be executed as part of a flow. * * Create an action * @@ -405,8 +393,7 @@ export class ActionsManager extends BaseAPI { } /** - * Deploy an action. Deploying an action will create a new immutable version of the action. If the action is - * currently bound to a trigger, then the system will begin executing the newly deployed version of the action immediately. Otherwise, the action will only be executed as a part of a flow once it is bound to that flow. + * Deploy an action. Deploying an action will create a new immutable version of the action. If the action is currently bound to a trigger, then the system will begin executing the newly deployed version of the action immediately. Otherwise, the action will only be executed as a part of a flow once it is bound to that flow. * * Deploy an action * @@ -433,9 +420,7 @@ export class ActionsManager extends BaseAPI { } /** - * Performs the equivalent of a roll-back of an action to an earlier, specified version. Creates a new, deployed - * action version that is identical to the specified version. If this action is currently bound to a trigger, the - * system will begin executing the newly-created version immediately. + * Performs the equivalent of a roll-back of an action to an earlier, specified version. Creates a new, deployed action version that is identical to the specified version. If this action is currently bound to a trigger, the system will begin executing the newly-created version immediately. * * Roll back to a previous action version * diff --git a/src/management/__generated/managers/anomaly-manager.ts b/src/management/__generated/managers/anomaly-manager.ts index 58322b346..e446c8f41 100644 --- a/src/management/__generated/managers/anomaly-manager.ts +++ b/src/management/__generated/managers/anomaly-manager.ts @@ -9,7 +9,7 @@ const { BaseAPI } = runtime; */ export class AnomalyManager extends BaseAPI { /** - * Unblock an IP address currently blocked by the Suspicious IP Throttling due to multiple suspicious attempts. + * Remove a block imposed by Suspicious IP Throttling for the given IP address. * Remove the blocked IP address * * @throws {RequiredError} @@ -35,7 +35,7 @@ export class AnomalyManager extends BaseAPI { } /** - * Check if a given IP address is blocked via the Suspicious IP Throttling due to multiple suspicious attempts. + * Check if the given IP address is blocked via the Suspicious IP Throttling due to multiple suspicious attempts. * Check if an IP address is blocked * * @throws {RequiredError} diff --git a/src/management/__generated/managers/attack-protection-manager.ts b/src/management/__generated/managers/attack-protection-manager.ts index d3ce16d61..45be21863 100644 --- a/src/management/__generated/managers/attack-protection-manager.ts +++ b/src/management/__generated/managers/attack-protection-manager.ts @@ -16,7 +16,8 @@ const { BaseAPI } = runtime; */ export class AttackProtectionManager extends BaseAPI { /** - * Get breached password detection settings + * Retrieve details of the Breached Password Detection configuration of your tenant. + * Get Breached Password Detection settings * * @throws {RequiredError} */ @@ -35,7 +36,8 @@ export class AttackProtectionManager extends BaseAPI { } /** - * Get the brute force configuration + * Retrieve details of the Brute-force Protection configuration of your tenant. + * Get Brute-force settings * * @throws {RequiredError} */ @@ -54,7 +56,8 @@ export class AttackProtectionManager extends BaseAPI { } /** - * Get the suspicious IP throttling configuration + * Retrieve details of the Suspicious IP Throttling configuration of your tenant. + * Get Suspicious IP Throttling settings * * @throws {RequiredError} */ @@ -73,7 +76,8 @@ export class AttackProtectionManager extends BaseAPI { } /** - * Update breached password detection settings + * Update details of the Breached Password Detection configuration of your tenant. + * Update Breached Password Detection settings * * @throws {RequiredError} */ @@ -99,7 +103,8 @@ export class AttackProtectionManager extends BaseAPI { } /** - * Update the brute force configuration + * Update the Brute-force Protection configuration of your tenant. + * Update Brute-force settings * * @throws {RequiredError} */ @@ -125,7 +130,8 @@ export class AttackProtectionManager extends BaseAPI { } /** - * Update the suspicious IP throttling configuration + * Update the details of the Suspicious IP Throttling configuration of your tenant. + * Update Suspicious IP Throttling settings * * @throws {RequiredError} */ diff --git a/src/management/__generated/managers/blacklists-manager.ts b/src/management/__generated/managers/blacklists-manager.ts deleted file mode 100644 index d990563fe..000000000 --- a/src/management/__generated/managers/blacklists-manager.ts +++ /dev/null @@ -1,67 +0,0 @@ -import * as runtime from '../../../lib/runtime.js'; -import type { InitOverride, ApiResponse } from '../../../lib/runtime.js'; -import type { Token, GetTokensRequest } from '../models/index.js'; - -const { BaseAPI } = runtime; - -/** - * - */ -export class BlacklistsManager extends BaseAPI { - /** - * Retrieve the `jti` and `aud` of all tokens that are blacklisted. - * - * Note: The JWT specification states that the `jti` field can be used to prevent replay attacks. Though Auth0 tokens do not include a `jti`, you can nevertheless blacklist a `jti` to prevent a token being used more than a predetermined number of times. This behavior is similar to implementing a nonce (where the token's signature can be thought of as the nonce). If a token gets stolen, it (or the tokens issued after it) should be blacklisted and let expire. - * - * Get blacklisted tokens - * - * @throws {RequiredError} - */ - async getAll( - requestParameters: GetTokensRequest = {}, - initOverrides?: InitOverride - ): Promise>> { - const queryParameters = runtime.applyQueryParams(requestParameters, [ - { - key: 'aud', - config: {}, - }, - ]); - - const response = await this.request( - { - path: `/blacklists/tokens`, - method: 'GET', - query: queryParameters, - }, - initOverrides - ); - - return runtime.JSONApiResponse.fromResponse(response); - } - - /** - * Add the token identified by the `jti` to a blacklist for the tenant. - * - * Blacklist a token - * - * @throws {RequiredError} - */ - async add(bodyParameters: Token, initOverrides?: InitOverride): Promise> { - const headerParameters: runtime.HTTPHeaders = {}; - - headerParameters['Content-Type'] = 'application/json'; - - const response = await this.request( - { - path: `/blacklists/tokens`, - method: 'POST', - headers: headerParameters, - body: bodyParameters, - }, - initOverrides - ); - - return runtime.VoidApiResponse.fromResponse(response); - } -} diff --git a/src/management/__generated/managers/branding-manager.ts b/src/management/__generated/managers/branding-manager.ts index 9222411e8..465ba1ee8 100644 --- a/src/management/__generated/managers/branding-manager.ts +++ b/src/management/__generated/managers/branding-manager.ts @@ -1,15 +1,38 @@ import * as runtime from '../../../lib/runtime.js'; import type { InitOverride, ApiResponse } from '../../../lib/runtime.js'; import type { + CreatePhoneProviderRequest, + CreatePhoneTemplateRequest, GetBranding200Response, + GetBrandingPhoneProviders200Response, + GetBrandingPhoneProviders200ResponseProvidersInner, + GetPhoneTemplates200Response, + GetPhoneTemplates200ResponseTemplatesInner, GetUniversalLogin200Response, PatchBrandingRequest, PostBrandingTheme200Response, PostBrandingThemeRequest, PutUniversalLoginRequest, + TryPhoneProvider202Response, + TryPhoneProviderRequest, + TryPhoneTemplate202Response, + TryPhoneTemplateRequest, + UpdatePhoneProviderRequest, + UpdatePhoneTemplateRequest, DeleteBrandingThemeRequest, + DeletePhoneProviderRequest, + DeletePhoneTemplateRequest, + GetBrandingPhoneProvidersRequest, GetBrandingThemeRequest, + GetPhoneProviderRequest, + GetPhoneTemplateRequest, + GetPhoneTemplatesRequest, PatchBrandingThemeRequest, + ResetPhoneTemplateRequest, + TryPhoneProviderOperationRequest, + TryPhoneTemplateOperationRequest, + UpdatePhoneProviderOperationRequest, + UpdatePhoneTemplateOperationRequest, } from '../models/index.js'; const { BaseAPI } = runtime; @@ -18,6 +41,61 @@ const { BaseAPI } = runtime; * */ export class BrandingManager extends BaseAPI { + /** + * Create an phone provider. + * The credentials object requires different properties depending on the phone provider (which is specified using the name property). + * + * Configure the phone provider + * + * @throws {RequiredError} + */ + async configurePhoneProvider( + bodyParameters: CreatePhoneProviderRequest, + initOverrides?: InitOverride + ): Promise> { + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/branding/phone/providers`, + method: 'POST', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Create a phone notification template + * + * @throws {RequiredError} + */ + async createPhoneTemplate( + bodyParameters: CreatePhoneTemplateRequest, + initOverrides?: InitOverride + ): Promise> { + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/branding/phone/templates`, + method: 'POST', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + /** * Delete branding theme. * Delete branding theme @@ -44,6 +122,58 @@ export class BrandingManager extends BaseAPI { return runtime.VoidApiResponse.fromResponse(response); } + /** + * Delete the configured phone provider. + * + * Deletes a Phone Provider + * + * @throws {RequiredError} + */ + async deletePhoneProvider( + requestParameters: DeletePhoneProviderRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const response = await this.request( + { + path: `/branding/phone/providers/{id}`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'DELETE', + }, + initOverrides + ); + + return runtime.VoidApiResponse.fromResponse(response); + } + + /** + * Delete a phone notification template + * + * @throws {RequiredError} + */ + async deletePhoneTemplate( + requestParameters: DeletePhoneTemplateRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const response = await this.request( + { + path: `/branding/phone/templates/{id}`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'DELETE', + }, + initOverrides + ); + + return runtime.VoidApiResponse.fromResponse(response); + } + /** * Delete template for New Universal Login Experience * @@ -79,6 +209,36 @@ export class BrandingManager extends BaseAPI { return runtime.JSONApiResponse.fromResponse(response); } + /** + * Retrieve a list ofphone providers details set for a Tenant. A list of fields to include or exclude may also be specified. + * + * Get the phone providers set for a Tenant + * + * @throws {RequiredError} + */ + async getPhoneProviders( + requestParameters: GetBrandingPhoneProvidersRequest = {}, + initOverrides?: InitOverride + ): Promise> { + const queryParameters = runtime.applyQueryParams(requestParameters, [ + { + key: 'disabled', + config: {}, + }, + ]); + + const response = await this.request( + { + path: `/branding/phone/providers`, + method: 'GET', + query: queryParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + /** * Retrieve branding theme. * Get branding theme @@ -125,6 +285,86 @@ export class BrandingManager extends BaseAPI { return runtime.JSONApiResponse.fromResponse(response); } + /** + * Retrieve phone provider details. A list of fields to include or exclude may also be specified. + * + * Get the phone provider + * + * @throws {RequiredError} + */ + async getPhoneProvider( + requestParameters: GetPhoneProviderRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const response = await this.request( + { + path: `/branding/phone/providers/{id}`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'GET', + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Get a phone notification template + * + * @throws {RequiredError} + */ + async getPhoneTemplate( + requestParameters: GetPhoneTemplateRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const response = await this.request( + { + path: `/branding/phone/templates/{id}`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'GET', + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Get a list of phone notification templates + * + * @throws {RequiredError} + */ + async getPhoneTemplates( + requestParameters: GetPhoneTemplatesRequest = {}, + initOverrides?: InitOverride + ): Promise> { + const queryParameters = runtime.applyQueryParams(requestParameters, [ + { + key: 'disabled', + config: {}, + }, + ]); + + const response = await this.request( + { + path: `/branding/phone/templates`, + method: 'GET', + query: queryParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + /** * Get template for New Universal Login Experience * @@ -282,4 +522,167 @@ export class BrandingManager extends BaseAPI { return runtime.VoidApiResponse.fromResponse(response); } + + /** + * Resets a phone notification template values + * + * @throws {RequiredError} + */ + async resetPhoneTemplate( + requestParameters: ResetPhoneTemplateRequest, + bodyParameters: any | null, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/branding/phone/templates/{id}/reset`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'PATCH', + headers: headerParameters, + body: bodyParameters as any, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Send a test phone notification for the configured provider + * + * @throws {RequiredError} + */ + async tryPhoneProvider( + requestParameters: TryPhoneProviderOperationRequest, + bodyParameters: TryPhoneProviderRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/branding/phone/providers/{id}/try`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'POST', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Send a test phone notification for the configured template + * + * @throws {RequiredError} + */ + async tryPhoneTemplate( + requestParameters: TryPhoneTemplateOperationRequest, + bodyParameters: TryPhoneTemplateRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/branding/phone/templates/{id}/try`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'POST', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Update an phone provider. + * The credentials object requires different properties depending on the email provider (which is specified using the name property). + * + * Update the phone provider + * + * @throws {RequiredError} + */ + async updatePhoneProvider( + requestParameters: UpdatePhoneProviderOperationRequest, + bodyParameters: UpdatePhoneProviderRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/branding/phone/providers/{id}`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'PATCH', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Update a phone notification template + * + * @throws {RequiredError} + */ + async updatePhoneTemplate( + requestParameters: UpdatePhoneTemplateOperationRequest, + bodyParameters: UpdatePhoneTemplateRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/branding/phone/templates/{id}`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'PATCH', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } } diff --git a/src/management/__generated/managers/client-grants-manager.ts b/src/management/__generated/managers/client-grants-manager.ts index 1217f9202..366dd31ad 100644 --- a/src/management/__generated/managers/client-grants-manager.ts +++ b/src/management/__generated/managers/client-grants-manager.ts @@ -3,10 +3,14 @@ import type { InitOverride, ApiResponse } from '../../../lib/runtime.js'; import type { ClientGrant, ClientGrantCreate, + GetClientGrantOrganizations200Response, GetClientGrants200Response, PatchClientGrantsByIdRequest, + GetClientGrantOrganizations200ResponseOneOf, + GetClientGrantOrganizations200ResponseOneOfInner, GetClientGrants200ResponseOneOf, DeleteClientGrantsByIdRequest, + GetClientGrantOrganizationsRequest, GetClientGrantsRequest, PatchClientGrantsByIdOperationRequest, } from '../models/index.js'; @@ -18,7 +22,8 @@ const { BaseAPI } = runtime; */ export class ClientGrantsManager extends BaseAPI { /** - * Delete a client grant. + * Delete the Client Credential Flow from your machine-to-machine application. + * * Delete client grant * * @throws {RequiredError} @@ -44,7 +49,64 @@ export class ClientGrantsManager extends BaseAPI { } /** - * Retrieve client grants. + * Get the organizations associated to a client grant + * + * @throws {RequiredError} + */ + async getOrganizations( + requestParameters: GetClientGrantOrganizationsRequest & { include_totals: true }, + initOverrides?: InitOverride + ): Promise>; + async getOrganizations( + requestParameters?: GetClientGrantOrganizationsRequest, + initOverrides?: InitOverride + ): Promise>>; + async getOrganizations( + requestParameters: GetClientGrantOrganizationsRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const queryParameters = runtime.applyQueryParams(requestParameters, [ + { + key: 'page', + config: {}, + }, + { + key: 'per_page', + config: {}, + }, + { + key: 'include_totals', + config: {}, + }, + { + key: 'from', + config: {}, + }, + { + key: 'take', + config: {}, + }, + ]); + + const response = await this.request( + { + path: `/client-grants/{id}/organizations`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'GET', + query: queryParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Retrieve a list of client grants, including the scopes associated with the application/API pair. * * Get client grants * @@ -75,6 +137,14 @@ export class ClientGrantsManager extends BaseAPI { key: 'include_totals', config: {}, }, + { + key: 'from', + config: {}, + }, + { + key: 'take', + config: {}, + }, { key: 'audience', config: {}, @@ -83,6 +153,10 @@ export class ClientGrantsManager extends BaseAPI { key: 'client_id', config: {}, }, + { + key: 'allow_any_organization', + config: {}, + }, ]); const response = await this.request( @@ -131,7 +205,7 @@ export class ClientGrantsManager extends BaseAPI { } /** - * Create a client grant. + * Create a client grant for a machine-to-machine login flow. To learn more, read Client Credential Flow. * Create client grant * * @throws {RequiredError} diff --git a/src/management/__generated/managers/clients-manager.ts b/src/management/__generated/managers/clients-manager.ts index 2ed8bb095..aedfde94f 100644 --- a/src/management/__generated/managers/clients-manager.ts +++ b/src/management/__generated/managers/clients-manager.ts @@ -170,10 +170,6 @@ export class ClientsManager extends BaseAPI { key: 'app_type', config: {}, }, - { - key: 'client_ids', - config: {}, - }, { key: 'q', config: {}, @@ -469,10 +465,9 @@ export class ClientsManager extends BaseAPI { /** * Rotate a client secret. * - * This endpoint cannot be used with clients configured with Private Key JWT authentication method (client_authentication_methods configured with private_key_jwt). - * - * Note: The generated secret is NOT base64 encoded. + * This endpoint cannot be used with clients configured with Private Key JWT authentication method (client_authentication_methods configured with private_key_jwt). The generated secret is NOT base64 encoded. * + * For more information, read Rotate Client Secrets. * Rotate a client secret * * @throws {RequiredError} diff --git a/src/management/__generated/managers/connections-manager.ts b/src/management/__generated/managers/connections-manager.ts index 125f4a760..32a626009 100644 --- a/src/management/__generated/managers/connections-manager.ts +++ b/src/management/__generated/managers/connections-manager.ts @@ -13,6 +13,7 @@ import type { PostScimToken201Response, PostScimTokenRequest, GetConnections200ResponseOneOf, + ConnectionForList, DeleteConnectionsByIdRequest, DeleteScimConfigurationRequest, DeleteTokensByTokenIdRequest, @@ -36,7 +37,7 @@ const { BaseAPI } = runtime; */ export class ConnectionsManager extends BaseAPI { /** - * Deletes a connection and all its users. + * Removes a specific connection from your tenant. This action cannot be undone. Once removed, users can no longer use this connection to authenticate. * * Delete a connection * @@ -148,24 +149,26 @@ export class ConnectionsManager extends BaseAPI { } /** - * Retrieves every connection matching the specified strategy. All connections are retrieved if no strategy is being specified. Accepts a list of fields to include or exclude in the resulting list of connection objects. + * Retrieves detailed list of all connections that match the specified strategy. If no strategy is provided, all connections within your tenant are retrieved. This action can accept a list of fields to include or exclude from the resulting list of connections. + * * This endpoint supports two types of pagination: - * - Offset pagination - * - Checkpoint pagination + *
    + *
  • Offset pagination
  • + *
  • Checkpoint pagination
  • + *
* - * Checkpoint pagination should be used if you need to retrieve more than 1000 connections. + * Checkpoint pagination must be used if you need to retrieve more than 1000 connections. * *

Checkpoint Pagination

* * To search by checkpoint, use the following parameters: - * - from: Optional id from which to start selection. - * - take: The total amount of entries to retrieve when using the from parameter. Defaults to 50. + *
    + *
  • from: Optional id from which to start selection.
  • + *
  • take: The total amount of entries to retrieve when using the from parameter. Defaults to 50.
  • + *
* - * The first time you call this endpoint using Checkpoint Pagination, you should omit the from parameter. - * If there are more results, a next value will be included in the response. You can use this for subsequent API calls. - * When next is no longer included in the response, this indicates there are no more pages remaining. + * Note: The first time you call this endpoint using checkpoint pagination, omit the from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining. * - * Note: The include_totals parameter is not supported when using checkpoint pagination. * Get all connections * * @throws {RequiredError} @@ -177,7 +180,7 @@ export class ConnectionsManager extends BaseAPI { async getAll( requestParameters?: GetConnectionsRequest, initOverrides?: InitOverride - ): Promise>>; + ): Promise>>; async getAll( requestParameters: GetConnectionsRequest = {}, initOverrides?: InitOverride @@ -237,8 +240,7 @@ export class ConnectionsManager extends BaseAPI { } /** - * Retrieves a connection by its ID. - * + * Retrieve details for a specified connection along with options that can be used for identity provider configuration. * Get a connection * * @throws {RequiredError} @@ -380,8 +382,9 @@ export class ConnectionsManager extends BaseAPI { } /** - * Note: if you use the options parameter, the whole options object will be overridden, so ensure that all parameters are present + * Update details for a specific connection, including option properties for identity provider configuration. * + * Note: If you use the options parameter, the entire options object is overriden. To avoid partial data or other issues, ensure all parameters are present when using this option. * Update a connection * * @throws {RequiredError} diff --git a/src/management/__generated/managers/custom-domains-manager.ts b/src/management/__generated/managers/custom-domains-manager.ts index d9753a2ac..d5d2fce3f 100644 --- a/src/management/__generated/managers/custom-domains-manager.ts +++ b/src/management/__generated/managers/custom-domains-manager.ts @@ -101,19 +101,18 @@ export class CustomDomainsManager extends BaseAPI { *
{ "custom_client_ip_header": "cf-connecting-ip" }
* *
Updating TLS_POLICY for a custom domain
To update the tls_policy for a domain, the body to send should be: - *
{ "tls_policy": "compatible" }
+ *
{ "tls_policy": "recommended" }
* * * TLS Policies: * * - recommended - for modern usage this includes TLS 1.2 only - * - compatible - compatible with older browsers this policy includes TLS 1.0, 1.1, 1.2 * * * Some considerations: * * - The TLS ciphers and protocols available in each TLS policy follow industry recommendations, and may be updated occasionally. - * - Do not use the compatible TLS policy unless you have clients that require TLS 1.0. + * - The compatible TLS policy is no longer supported. * * Update custom domain configuration * diff --git a/src/management/__generated/managers/device-credentials-manager.ts b/src/management/__generated/managers/device-credentials-manager.ts index 392293b9d..a04e70ffa 100644 --- a/src/management/__generated/managers/device-credentials-manager.ts +++ b/src/management/__generated/managers/device-credentials-manager.ts @@ -17,7 +17,7 @@ const { BaseAPI } = runtime; */ export class DeviceCredentialsManager extends BaseAPI { /** - * Delete a device credential. + * Permanently delete a device credential (such as a refresh token or public key) with the given ID. * Delete a device credential * * @throws {RequiredError} @@ -43,10 +43,7 @@ export class DeviceCredentialsManager extends BaseAPI { } /** - * Device Credentials relate to refresh tokens and rotating refresh tokens for a given user_id. - * - * Note: Device Credentials APIs are designed for ad-hoc administrative use only, and paging is by default enabled for GET requests. - * Note: When Refresh Token Rotation is enabled, the endpoint becomes eventual consistent. + * Retrieve device credential information (public_key, refresh_token, or rotating_refresh_token) associated with a specific user. * * Retrieve device credentials * @@ -112,10 +109,9 @@ export class DeviceCredentialsManager extends BaseAPI { } /** - * Device Credentials relate to refresh tokens and rotating refresh tokens for a given user_id. + * Create a device credential public key to manage refresh token rotation for a given user_id. Device Credentials APIs are designed for ad-hoc administrative use only and paging is by default enabled for GET requests. * - * Note: Device Credentials APIs are designed for ad-hoc administrative use only, and paging is by default enabled for GET requests. - * Note: When Refresh Token Rotation is enabled, the endpoint becomes eventual consistent. + * When refresh token rotation is enabled, the endpoint becomes consistent. For more information, read Signing Keys. * * Create a device public key credential * diff --git a/src/management/__generated/managers/email-templates-manager.ts b/src/management/__generated/managers/email-templates-manager.ts index cc6040053..15f254efe 100644 --- a/src/management/__generated/managers/email-templates-manager.ts +++ b/src/management/__generated/managers/email-templates-manager.ts @@ -17,7 +17,7 @@ const { BaseAPI } = runtime; */ export class EmailTemplatesManager extends BaseAPI { /** - * Retrieve an email template by pre-defined name. These names are `verify_email`, `verify_email_by_code`, `reset_email`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, and `user_invitation`. The names `change_password`, and `password_reset` are also supported for legacy scenarios. + * Retrieve an email template by pre-defined name. These names are `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, and `user_invitation`. The names `change_password`, and `password_reset` are also supported for legacy scenarios. * Get an email template * * @throws {RequiredError} diff --git a/src/management/__generated/managers/emails-manager.ts b/src/management/__generated/managers/emails-manager.ts index b31172386..1266d0517 100644 --- a/src/management/__generated/managers/emails-manager.ts +++ b/src/management/__generated/managers/emails-manager.ts @@ -14,9 +14,9 @@ const { BaseAPI } = runtime; */ export class EmailsManager extends BaseAPI { /** - * Retrieve email provider details. A list of fields to include or exclude may also be specified. + * Retrieve details of the email provider configuration in your tenant. A list of fields to include or exclude may also be specified. * - * Get the email provider + * Get email provider * * @throws {RequiredError} */ @@ -48,12 +48,48 @@ export class EmailsManager extends BaseAPI { } /** - * Update an email provider. - * The credentials object requires different properties depending on the email provider (which is specified using the name property): - *
  • mandrill requires api_key
  • sendgrid requires api_key
  • sparkpost requires api_key. Optionally, set region to eu to use the SparkPost service hosted in Western Europe; set to null to use the SparkPost service hosted in North America. eu or null are the only valid values for region.
  • mailgun requires api_key and domain. Optionally, set region to eu to use the Mailgun service hosted in Europe; set to null otherwise. eu or null are the only valid values for region.
  • ses requires accessKeyId, secretAccessKey, and region
  • smtp requires smtp_host, smtp_port, smtp_user, and smtp_pass
Depending on the type of provider it is possible to specify settings object with different configuration options, which will be used when sending an email: - *
  • smtp provider, settings may contain headers object. When using AWS SES SMTP host, you may provide a name of configuration set in X-SES-Configuration-Set header. Value must be a string.
  • for ses provider, settings may contain message object, where you can provide a name of configuration set in configuration_set_name property. Value must be a string.
+ * Update an email provider. The credentials object + * requires different properties depending on the email provider (which is specified using the name property): + *
    + *
  • mandrill requires api_key
  • + *
  • sendgrid requires api_key
  • + *
  • + * sparkpost requires api_key. Optionally, set region to eu to use + * the SparkPost service hosted in Western Europe; set to null to use the SparkPost service hosted in + * North America. eu or null are the only valid values for region. + *
  • + *
  • + * mailgun requires api_key and domain. Optionally, set region to + * eu to use the Mailgun service hosted in Europe; set to null otherwise. eu or + * null are the only valid values for region. + *
  • + *
  • ses requires accessKeyId, secretAccessKey, and region
  • + *
  • + * smtp requires smtp_host, smtp_port, smtp_user, and + * smtp_pass + *
  • + *
+ * Depending on the type of provider it is possible to specify settings object with different configuration + * options, which will be used when sending an email: + *
    + *
  • + * smtp provider, settings may contain headers object. + *
      + *
    • + * When using AWS SES SMTP host, you may provide a name of configuration set in + * X-SES-Configuration-Set header. Value must be a string. + *
    • + *
    • + * When using Sparkpost host, you may provide value for + * X-MSYS_API header. Value must be an object. + *
    • + *
    + * for ses provider, settings may contain message object, where you can provide + * a name of configuration set in configuration_set_name property. Value must be a string. + *
  • + *
* - * Update the email provider + * Update email provider * * @throws {RequiredError} */ @@ -79,12 +115,50 @@ export class EmailsManager extends BaseAPI { } /** - * Create an email provider. - * The credentials object requires different properties depending on the email provider (which is specified using the name property): - *
  • mandrill requires api_key
  • sendgrid requires api_key
  • sparkpost requires api_key. Optionally, set region to eu to use the SparkPost service hosted in Western Europe; set to null to use the SparkPost service hosted in North America. eu or null are the only valid values for region.
  • mailgun requires api_key and domain. Optionally, set region to eu to use the Mailgun service hosted in Europe; set to null otherwise. eu or null are the only valid values for region.
  • ses requires accessKeyId, secretAccessKey, and region
  • smtp requires smtp_host, smtp_port, smtp_user, and smtp_pass
Depending on the type of provider it is possible to specify settings object with different configuration options, which will be used when sending an email: - *
  • smtp provider, settings may contain headers object. When using AWS SES SMTP host, you may provide a name of configuration set in X-SES-Configuration-Set header. Value must be a string.
  • for ses provider, settings may contain message object, where you can provide a name of configuration set in configuration_set_name property. Value must be a string.
+ * Create an email provider. The credentials object + * requires different properties depending on the email provider (which is specified using the name property): + *
    + *
  • mandrill requires api_key
  • + *
  • sendgrid requires api_key
  • + *
  • + * sparkpost requires api_key. Optionally, set region to eu to use + * the SparkPost service hosted in Western Europe; set to null to use the SparkPost service hosted in + * North America. eu or null are the only valid values for region. + *
  • + *
  • + * mailgun requires api_key and domain. Optionally, set region to + * eu to use the Mailgun service hosted in Europe; set to null otherwise. eu or + * null are the only valid values for region. + *
  • + *
  • ses requires accessKeyId, secretAccessKey, and region
  • + *
  • + * smtp requires smtp_host, smtp_port, smtp_user, and + * smtp_pass + *
  • + *
+ * Depending on the type of provider it is possible to specify settings object with different configuration + * options, which will be used when sending an email: + *
    + *
  • + * smtp provider, settings may contain headers object. + *
      + *
    • + * When using AWS SES SMTP host, you may provide a name of configuration set in + * X-SES-Configuration-Set header. Value must be a string. + *
    • + *
    • + * When using Sparkpost host, you may provide value for + * X-MSYS_API header. Value must be an object. + *
    • + *
    + *
  • + *
  • + * for ses provider, settings may contain message object, where you can provide + * a name of configuration set in configuration_set_name property. Value must be a string. + *
  • + *
* - * Configure the email provider + * Configure email provider * * @throws {RequiredError} */ diff --git a/src/management/__generated/managers/guardian-manager.ts b/src/management/__generated/managers/guardian-manager.ts index eda8007b0..6ee1de2c0 100644 --- a/src/management/__generated/managers/guardian-manager.ts +++ b/src/management/__generated/managers/guardian-manager.ts @@ -5,15 +5,18 @@ import type { EnrollmentCreate, Factor, GetApns200Response, + GetFactorDuoSettings200Response, + GetGuardianPhoneProviders200Response, GetMessageTypes200Response, - GetPhoneProviders200Response, GetPnProviders200Response, PostTicket200Response, PutApns200Response, PutApnsRequest, + PutFactorDuoSettingsRequest, PutFactorsByName200Response, PutFactorsByNameRequest, PutFcmRequest, + PutFcmv1Request, PutSns200Response, PutSnsRequest, PutTwilioRequest, @@ -33,7 +36,7 @@ const { BaseAPI } = runtime; */ export class GuardianManager extends BaseAPI { /** - * Delete an enrollment to allow the user to enroll with multi-factor authentication again. + * Remove a specific multi-factor authentication (MFA) enrollment from a user's account. This allows the user to re-enroll with MFA. For more information, review Reset User Multi-Factor Authentication and Recovery Codes. * Delete a multi-factor authentication enrollment * * @throws {RequiredError} @@ -59,7 +62,8 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve APNS push notification configuration + * Retrieve configuration details for the multi-factor authentication APNS provider associated with your tenant. + * Get APNS push notification configuration * * @throws {RequiredError} */ @@ -78,10 +82,8 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve an enrollment (including its status and type). - * - * Note: Phone numbers are partially obfuscated. - * Retrieve a multi-factor authentication enrollment + * Retrieve details, such as status and type, for a specific multi-factor authentication enrollment registered to a user account. + * Get a multi-factor authentication enrollment * * @throws {RequiredError} */ @@ -106,8 +108,28 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve phone enrollment and verification templates (subscription required). - * Retrieve Enrollment and Verification Phone Templates + * Retrieves the DUO account and factor configuration. + * Get DUO Configuration + * + * @throws {RequiredError} + */ + async getDUOConfiguration( + initOverrides?: InitOverride + ): Promise> { + const response = await this.request( + { + path: `/guardian/factors/duo/settings`, + method: 'GET', + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Retrieve details of the multi-factor authentication enrollment and verification templates for phone-type factors available in your tenant. + * Get Enrollment and Verification Phone Templates * * @throws {RequiredError} */ @@ -126,10 +148,10 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve SMS enrollment and verification templates (subscription required). + * This endpoint has been deprecated. To complete this action, use the Retrieve enrollment and verification phone templates endpoint instead. * - * A new endpoint is available to retrieve enrollment and verification templates related to phone factors (phone templates). It has the same payload as this one. Please use it instead. - * Retrieve SMS Enrollment and Verification Templates + * Previous function: Retrieve details of SMS enrollment and verification templates configured for your tenant. + * Get SMS enrollment and verification templates * * @throws {RequiredError} */ @@ -150,8 +172,8 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve all multi-factor authentication configurations. - * Retrieve Factors and their Status + * Retrieve details of all multi-factor authentication factors associated with your tenant. + * Get Factors and multi-factor authentication details * * @throws {RequiredError} */ @@ -168,16 +190,17 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve the Enabled Phone Factors + * Retrieve details of the multi-factor authentication phone provider configured for your tenant. + * Get phone provider configuration * * @throws {RequiredError} */ - async getPhoneFactorMessageTypes( + async getPhoneFactorSelectedProvider( initOverrides?: InitOverride - ): Promise> { + ): Promise> { const response = await this.request( { - path: `/guardian/factors/phone/message-types`, + path: `/guardian/factors/phone/selected-provider`, method: 'GET', }, initOverrides @@ -187,16 +210,17 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve phone configuration (one of auth0|twilio|phone-message-hook) + * Retrieve list of phone-type MFA factors (i.e., sms and voice) that are enabled for your tenant. + * Get Enabled Phone Factors * * @throws {RequiredError} */ - async getPhoneFactorSelectedProvider( + async getPhoneFactorMessageTypes( initOverrides?: InitOverride - ): Promise> { + ): Promise> { const response = await this.request( { - path: `/guardian/factors/phone/selected-provider`, + path: `/guardian/factors/phone/message-types`, method: 'GET', }, initOverrides @@ -206,8 +230,8 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve the Twilio phone provider configuration (subscription required). - * Retrieve Twilio phone configuration + * Retrieve configuration details for a Twilio phone provider that has been set up in your tenant. To learn more, review Configure SMS and Voice Notifications for MFA. + * Get Twilio configuration * * @throws {RequiredError} */ @@ -226,7 +250,8 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve push notification provider + * Modify the push notification provider configured for your tenant. For more information, review Configure Push Notifications for MFA. + * Get push notification provider * * @throws {RequiredError} */ @@ -245,12 +270,17 @@ export class GuardianManager extends BaseAPI { } /** - * Gets the MFA policies for the tenant. + * Retrieve the multi-factor authentication (MFA) policies configured for your tenant. * - * The following policies are supported:
  • all-applications policy - will prompt with MFA for all logins.
  • confidence-score policy - will prompt with MFA only for low confidence logins.
- * Use of the Adaptive MFA feature requires an add-on for the Enterprise plan. Please contact sales with any questions. For more information about Adaptive MFA, read our full documentation. + * The following policies are supported: + *
    + *
  • all-applications policy prompts with MFA for all logins.
  • + *
  • confidence-score policy prompts with MFA only for low confidence logins.
  • + *
* - * Get the Multi-factor Authentication policies + * Note: The confidence-score policy is part of the Adaptive MFA feature. Adaptive MFA requires an add-on for the Enterprise plan; review Auth0 Pricing for more details. + * + * Get multi-factor authentication policies * * @throws {RequiredError} */ @@ -267,14 +297,16 @@ export class GuardianManager extends BaseAPI { } /** - * A new endpoint is available to retrieve the configuration related to phone factors (phone configuration). It has the same payload as this one. Please use it instead. - * Retrieve SMS configuration (one of auth0|twilio|phone-message-hook) + * This endpoint has been deprecated. To complete this action, use the Retrieve phone configuration endpoint instead. + * + * Previous functionality: Retrieve details for the multi-factor authentication SMS provider configured for your tenant. + * Get SMS configuration * * @throws {RequiredError} */ async getSmsSelectedProvider( initOverrides?: InitOverride - ): Promise> { + ): Promise> { const response = await this.request( { path: `/guardian/factors/sms/selected-provider`, @@ -290,7 +322,7 @@ export class GuardianManager extends BaseAPI { * Retrieve the Twilio SMS provider configuration (subscription required). * * A new endpoint is available to retrieve the Twilio configuration related to phone factors (phone Twilio configuration). It has the same payload as this one. Please use it instead. - * Retrieve Twilio SMS configuration + * Get Twilio SMS configuration * * @throws {RequiredError} */ @@ -309,8 +341,8 @@ export class GuardianManager extends BaseAPI { } /** - * Retrieve the AWS SNS push notification provider configuration (subscription required). - * Retrieve AWS SNS push notification configuration + * Retrieve configuration details for an AWS SNS push notification provider that has been enabled for MFA. To learn more, review Configure Push Notifications for MFA. + * Get AWS SNS configuration * * @throws {RequiredError} */ @@ -329,7 +361,8 @@ export class GuardianManager extends BaseAPI { } /** - * Updates APNs provider configuration + * Modify configuration details of the multi-factor authentication APNS provider associated with your tenant. + * Update APNs provider configuration * * @throws {RequiredError} */ @@ -355,7 +388,34 @@ export class GuardianManager extends BaseAPI { } /** - * Updates FCM provider configuration + * Update the DUO Configuration + * + * @throws {RequiredError} + */ + async updateDUOConfiguration( + bodyParameters: PutFactorDuoSettingsRequest, + initOverrides?: InitOverride + ): Promise> { + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/guardian/factors/duo/settings`, + method: 'PATCH', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Modify configuration details of the multi-factor authentication FCM provider associated with your tenant. + * Updates FCM configuration * * @throws {RequiredError} */ @@ -380,9 +440,36 @@ export class GuardianManager extends BaseAPI { return runtime.JSONApiResponse.fromResponse(response); } + /** + * Modify configuration details of the multi-factor authentication FCMV1 provider associated with your tenant. + * Updates FCMV1 configuration + * + * @throws {RequiredError} + */ + async updatePushNotificationProviderFCMV1( + bodyParameters: PutFcmv1Request, + initOverrides?: InitOverride + ): Promise> { + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/guardian/factors/push-notification/providers/fcmv1`, + method: 'PATCH', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + /** * Configure the AWS SNS push notification provider configuration (subscription required). - * Update SNS configuration for push notifications + * Update AWS SNS configuration * * @throws {RequiredError} */ @@ -408,7 +495,8 @@ export class GuardianManager extends BaseAPI { } /** - * Generate an email with a link to start the multi-factor authentication enrollment process (subscription required). + * Create a multi-factor authentication (MFA) enrollment ticket, and optionally send an email with the created ticket, to a given user. + * * Create a multi-factor authentication enrollment ticket * * @throws {RequiredError} @@ -435,7 +523,8 @@ export class GuardianManager extends BaseAPI { } /** - * Updates APNs provider configuration + * Overwrite all configuration details of the multi-factor authentication APNS provider associated with your tenant. + * Update APNS configuration * * @throws {RequiredError} */ @@ -460,6 +549,33 @@ export class GuardianManager extends BaseAPI { return runtime.JSONApiResponse.fromResponse(response); } + /** + * Set the DUO account configuration and other properties specific to this factor. + * Update the DUO Configuration + * + * @throws {RequiredError} + */ + async setDUOConfiguration( + bodyParameters: PutFactorDuoSettingsRequest, + initOverrides?: InitOverride + ): Promise> { + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/guardian/factors/duo/settings`, + method: 'PUT', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + /** * Customize the messages sent to complete phone enrollment and verification (subscription required). * Update Enrollment and Verification Phone Templates @@ -488,10 +604,10 @@ export class GuardianManager extends BaseAPI { } /** - * Customize the messages sent to complete SMS enrollment and verification (subscription required). + * This endpoint has been deprecated. To complete this action, use the Update enrollment and verification phone templates endpoint instead. * - * A new endpoint is available to update enrollment and verification templates related to phone factors (phone templates). It has the same payload as this one. Please use it instead. - * Update SMS Enrollment and Verification Templates + * Previous functionality: Customize the messages sent to complete SMS enrollment and verification. + * Update SMS enrollment and verification templates * * @throws {RequiredError} */ @@ -517,8 +633,8 @@ export class GuardianManager extends BaseAPI { } /** - * Update a multi-factor authentication factor (subscription required). - * Update a Multi-factor Authentication Factor + * Update the status (i.e., enabled or disabled) of a specific multi-factor authentication factor. + * Update multi-factor authentication type * * @throws {RequiredError} */ @@ -550,7 +666,8 @@ export class GuardianManager extends BaseAPI { } /** - * Updates FCM provider configuration + * Overwrite all configuration details of the multi-factor authentication FCM provider associated with your tenant. + * Updates FCM configuration * * @throws {RequiredError} */ @@ -576,7 +693,34 @@ export class GuardianManager extends BaseAPI { } /** - * Update enabled phone factors for multi-factor authentication + * Overwrite all configuration details of the multi-factor authentication FCMV1 provider associated with your tenant. + * Updates FCMV1 configuration + * + * @throws {RequiredError} + */ + async setPushNotificationProviderFCMV1( + bodyParameters: PutFcmv1Request, + initOverrides?: InitOverride + ): Promise> { + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/guardian/factors/push-notification/providers/fcmv1`, + method: 'PUT', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Replace the list of phone-type MFA factors (i.e., sms and voice) that are enabled for your tenant. * Update the Enabled Phone Factors * * @throws {RequiredError} @@ -603,14 +747,14 @@ export class GuardianManager extends BaseAPI { } /** - * Update phone configuration (one of auth0|twilio|phone-message-hook) + * Update phone provider configuration * * @throws {RequiredError} */ async updatePhoneFactorSelectedProvider( - bodyParameters: GetPhoneProviders200Response, + bodyParameters: GetGuardianPhoneProviders200Response, initOverrides?: InitOverride - ): Promise> { + ): Promise> { const headerParameters: runtime.HTTPHeaders = {}; headerParameters['Content-Type'] = 'application/json'; @@ -629,7 +773,8 @@ export class GuardianManager extends BaseAPI { } /** - * Update Push Notification configuration (one of direct|sns|guardian) + * Modify the push notification provider configured for your tenant. For more information, review Configure Push Notifications for MFA. + * Update Push Notification configuration * * @throws {RequiredError} */ @@ -655,13 +800,17 @@ export class GuardianManager extends BaseAPI { } /** - * Sets the MFA policies for the tenant. + * Set multi-factor authentication (MFA) policies for your tenant. * - * The following policies are supported:
  • all-applications policy - will prompt with MFA for all logins.
  • confidence-score policy - will prompt with MFA only for low confidence logins.
Pass an empty array to remove all MFA policies. - * Use of the Adaptive MFA feature requires an add-on for the Enterprise plan. Please contact sales with any questions. For more information about Adaptive MFA, read our full documentation. + * The following policies are supported: + *
    + *
  • all-applications policy prompts with MFA for all logins.
  • + *
  • confidence-score policy prompts with MFA only for low confidence logins.
  • + *
* + * Note: The confidence-score policy is part of the Adaptive MFA feature. Adaptive MFA requires an add-on for the Enterprise plan; review Auth0 Pricing for more details. * - * Set the Multi-factor Authentication policies + * Update multi-factor authentication policies * * @throws {RequiredError} */ @@ -687,15 +836,17 @@ export class GuardianManager extends BaseAPI { } /** - * A new endpoint is available to update the configuration related to phone factors (phone configuration). It has the same payload as this one. Please use it instead. - * Update SMS configuration (one of auth0|twilio|phone-message-hook) + * This endpoint has been deprecated. To complete this action, use the Update phone configuration endpoint instead. + * + * Previous functionality: Update the multi-factor authentication SMS provider configuration in your tenant. + * Update SMS configuration * * @throws {RequiredError} */ async setSmsSelectedProvider( - bodyParameters: GetPhoneProviders200Response, + bodyParameters: GetGuardianPhoneProviders200Response, initOverrides?: InitOverride - ): Promise> { + ): Promise> { const headerParameters: runtime.HTTPHeaders = {}; headerParameters['Content-Type'] = 'application/json'; @@ -714,9 +865,9 @@ export class GuardianManager extends BaseAPI { } /** - * Configure the Twilio SMS provider configuration (subscription required). + * This endpoint has been deprecated. To complete this action, use the Update Twilio phone configuration endpoint. * - * A new endpoint is available to update the Twilio configuration related to phone factors (phone Twilio configuration). It has the same payload as this one. Please use it instead. + * Previous functionality: Update the Twilio SMS provider configuration. * Update Twilio SMS configuration * * @throws {RequiredError} @@ -744,7 +895,7 @@ export class GuardianManager extends BaseAPI { /** * Configure the AWS SNS push notification provider configuration (subscription required). - * Update AWS SNS push notification configuration + * Update AWS SNS configuration * * @throws {RequiredError} */ @@ -770,8 +921,8 @@ export class GuardianManager extends BaseAPI { } /** - * Configure the Twilio phone provider configuration (subscription required). - * Update Twilio phone configuration + * Update the configuration of a Twilio phone provider that has been set up in your tenant. To learn more, review Configure SMS and Voice Notifications for MFA. + * Update Twilio configuration * * @throws {RequiredError} */ diff --git a/src/management/__generated/managers/index.ts b/src/management/__generated/managers/index.ts index 9b417e017..9f29fc5a8 100644 --- a/src/management/__generated/managers/index.ts +++ b/src/management/__generated/managers/index.ts @@ -1,7 +1,6 @@ export * from './actions-manager.js'; export * from './anomaly-manager.js'; export * from './attack-protection-manager.js'; -export * from './blacklists-manager.js'; export * from './branding-manager.js'; export * from './client-grants-manager.js'; export * from './clients-manager.js'; diff --git a/src/management/__generated/managers/jobs-manager.ts b/src/management/__generated/managers/jobs-manager.ts index d2648aa5c..8e1d8d024 100644 --- a/src/management/__generated/managers/jobs-manager.ts +++ b/src/management/__generated/managers/jobs-manager.ts @@ -92,7 +92,7 @@ export class JobsManager extends BaseAPI { } /** - * Import users from a formatted file into a connection via a long-running job. + * Import users from a formatted file into a connection via a long-running job. When importing users, with or without upsert, the `email_verified` is set to `false` when the email address is added or updated. Users must verify their email address. To avoid this behavior, set `email_verified` to `true` in the imported data. * Create import users job * * @throws {RequiredError} diff --git a/src/management/__generated/managers/keys-manager.ts b/src/management/__generated/managers/keys-manager.ts index 31320117f..d5d2475cb 100644 --- a/src/management/__generated/managers/keys-manager.ts +++ b/src/management/__generated/managers/keys-manager.ts @@ -1,10 +1,21 @@ import * as runtime from '../../../lib/runtime.js'; import type { InitOverride, ApiResponse } from '../../../lib/runtime.js'; import type { + GetEncryptionKeys200Response, + GetEncryptionKeys200ResponseOneOfInner, GetSigningKeys200ResponseInner, + PostEncryptionKeyRequest, + PostEncryptionRequest, + PostEncryptionWrappingKey201Response, PostSigningKeys201Response, PutSigningKeys200Response, + GetEncryptionKeys200ResponseOneOf, + DeleteEncryptionKeyRequest, + GetEncryptionKeyRequest, + GetEncryptionKeysRequest, GetSigningKeyRequest, + PostEncryptionKeyOperationRequest, + PostEncryptionWrappingKeyRequest, PutSigningKeysRequest, } from '../models/index.js'; @@ -15,6 +26,104 @@ const { BaseAPI } = runtime; */ export class KeysManager extends BaseAPI { /** + * Delete the custom provided encryption key with the given ID and move back to using native encryption key. + * Delete the encryption key by its key id + * + * @throws {RequiredError} + */ + async deleteEncryptionKey( + requestParameters: DeleteEncryptionKeyRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['kid']); + + const response = await this.request( + { + path: `/keys/encryption/{kid}`.replace( + '{kid}', + encodeURIComponent(String(requestParameters.kid)) + ), + method: 'DELETE', + }, + initOverrides + ); + + return runtime.VoidApiResponse.fromResponse(response); + } + + /** + * Retrieve details of the encryption key with the given ID. + * Get the encryption key by its key id + * + * @throws {RequiredError} + */ + async getEncryptionKey( + requestParameters: GetEncryptionKeyRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['kid']); + + const response = await this.request( + { + path: `/keys/encryption/{kid}`.replace( + '{kid}', + encodeURIComponent(String(requestParameters.kid)) + ), + method: 'GET', + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Retrieve details of all the encryption keys associated with your tenant. + * Get all encryption keys + * + * @throws {RequiredError} + */ + async getEncryptionKeys( + requestParameters: GetEncryptionKeysRequest & { include_totals: true }, + initOverrides?: InitOverride + ): Promise>; + async getEncryptionKeys( + requestParameters?: GetEncryptionKeysRequest, + initOverrides?: InitOverride + ): Promise>>; + async getEncryptionKeys( + requestParameters: GetEncryptionKeysRequest = {}, + initOverrides?: InitOverride + ): Promise> { + const queryParameters = runtime.applyQueryParams(requestParameters, [ + { + key: 'page', + config: {}, + }, + { + key: 'per_page', + config: {}, + }, + { + key: 'include_totals', + config: {}, + }, + ]); + + const response = await this.request( + { + path: `/keys/encryption`, + method: 'GET', + query: queryParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Retrieve details of the application signing key with the given ID. * Get an Application Signing Key by its key id * * @throws {RequiredError} @@ -40,6 +149,7 @@ export class KeysManager extends BaseAPI { } /** + * Retrieve details of all the application signing keys associated with your tenant. * Get all Application Signing Keys * * @throws {RequiredError} @@ -58,6 +168,66 @@ export class KeysManager extends BaseAPI { return runtime.JSONApiResponse.fromResponse(response); } + /** + * Create the new, pre-activated encryption key, without the key material. + * Create the new encryption key + * + * @throws {RequiredError} + */ + async createEncryptionKey( + bodyParameters: PostEncryptionRequest, + initOverrides?: InitOverride + ): Promise> { + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/keys/encryption`, + method: 'POST', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Import wrapped key material and activate encryption key. + * Import the encryption key + * + * @throws {RequiredError} + */ + async importEncryptionKey( + requestParameters: PostEncryptionKeyOperationRequest, + bodyParameters: PostEncryptionKeyRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['kid']); + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/keys/encryption/{kid}`.replace( + '{kid}', + encodeURIComponent(String(requestParameters.kid)) + ), + method: 'POST', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + /** * Perform rekeying operation on the key hierarchy. * Rekey the key hierarchy @@ -77,6 +247,33 @@ export class KeysManager extends BaseAPI { } /** + * Create the public wrapping key to wrap your own encryption key material. + * Create the public wrapping key + * + * @throws {RequiredError} + */ + async createEncryptionPublicWrappingKey( + requestParameters: PostEncryptionWrappingKeyRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['kid']); + + const response = await this.request( + { + path: `/keys/encryption/{kid}/wrapping-key`.replace( + '{kid}', + encodeURIComponent(String(requestParameters.kid)) + ), + method: 'POST', + }, + initOverrides + ); + + return runtime.JSONApiResponse.fromResponse(response); + } + + /** + * Rotate the application signing key of your tenant. * Rotate the Application Signing Key * * @throws {RequiredError} @@ -94,6 +291,7 @@ export class KeysManager extends BaseAPI { } /** + * Revoke the application signing key with the given ID. * Revoke an Application Signing Key by its key id * * @throws {RequiredError} diff --git a/src/management/__generated/managers/log-streams-manager.ts b/src/management/__generated/managers/log-streams-manager.ts index f10fc5c62..906423c80 100644 --- a/src/management/__generated/managers/log-streams-manager.ts +++ b/src/management/__generated/managers/log-streams-manager.ts @@ -157,7 +157,55 @@ export class LogStreamsManager extends BaseAPI { * "datadogRegion": "string", * "datadogApiKey": "string" * } - * }
Splunk Log Stream
{
+   *
+   * }
Mixpanel
+ * + * Request:
{
+   * 	  "name": "string",
+   * 	  "type": "mixpanel",
+   * 	  "sink": {
+   * 		"mixpanelRegion": "string", // "us" | "eu",
+   * 		"mixpanelProjectId": "string",
+   * 		"mixpanelServiceAccountUsername": "string",
+   * 		"mixpanelServiceAccountPassword": "string"
+   * 	  }
+   * 	} 
+ * + * + * Response:
{
+   * 		"id": "string",
+   * 		"name": "string",
+   * 		"type": "mixpanel",
+   * 		"status": "active",
+   * 		"sink": {
+   * 		  "mixpanelRegion": "string", // "us" | "eu",
+   * 		  "mixpanelProjectId": "string",
+   * 		  "mixpanelServiceAccountUsername": "string",
+   * 		  "mixpanelServiceAccountPassword": "string" // the following is redacted on return
+   * 		}
+   * 	  } 
+ * + *
Segment
+ * + * Request:
 {
+   * 	  "name": "string",
+   * 	  "type": "segment",
+   * 	  "sink": {
+   * 		"segmentWriteKey": "string"
+   * 	  }
+   * 	}
+ * + * Response:
{
+   * 	  "id": "string",
+   * 	  "name": "string",
+   * 	  "type": "segment",
+   * 	  "status": "active",
+   * 	  "sink": {
+   * 		"segmentWriteKey": "string"
+   * 	  }
+   * 	} 
+ * + *
Splunk Log Stream
{
    * 	"id": "string",
    * 	"name": "string",
    * 	"type": "splunk",
diff --git a/src/management/__generated/managers/organizations-manager.ts b/src/management/__generated/managers/organizations-manager.ts
index f697f9789..bfb70cfdf 100644
--- a/src/management/__generated/managers/organizations-manager.ts
+++ b/src/management/__generated/managers/organizations-manager.ts
@@ -1,8 +1,10 @@
 import * as runtime from '../../../lib/runtime.js';
 import type { InitOverride, ApiResponse } from '../../../lib/runtime.js';
 import type {
+  CreateOrganizationClientGrantsRequest,
   DeleteMembersRequest,
   DeleteOrganizationMemberRolesRequest,
+  GetClientGrantOrganizations200ResponseOneOfInner,
   GetEnabledConnections200Response,
   GetEnabledConnections200ResponseOneOfInner,
   GetInvitations200Response,
@@ -12,13 +14,11 @@ import type {
   GetOrganizationClientGrants200ResponseOneOfInner,
   GetOrganizationMemberRoles200Response,
   GetOrganizations200Response,
-  GetOrganizations200ResponseOneOfInner,
   PatchEnabledConnectionsByConnectionIdRequest,
   PatchOrganizationsByIdRequest,
   PostEnabledConnectionsRequest,
   PostInvitationsRequest,
   PostMembersRequest,
-  PostOrganizationClientGrantsRequest,
   PostOrganizationMemberRolesRequest,
   PostOrganizations201Response,
   PostOrganizationsRequest,
@@ -29,7 +29,8 @@ import type {
   GetOrganizationClientGrants200ResponseOneOf,
   GetOrganizationMemberRoles200ResponseOneOf,
   GetOrganizationMemberRoles200ResponseOneOfInner,
-  GetOrganizations200ResponseOneOf,
+  GetClientGrantOrganizations200ResponseOneOf,
+  CreateOrganizationClientGrantsOperationRequest,
   DeleteClientGrantsByGrantIdRequest,
   DeleteEnabledConnectionsByConnectionIdRequest,
   DeleteInvitationsByInvitationIdRequest,
@@ -51,7 +52,6 @@ import type {
   PostEnabledConnectionsOperationRequest,
   PostInvitationsOperationRequest,
   PostMembersOperationRequest,
-  PostOrganizationClientGrantsOperationRequest,
   PostOrganizationMemberRolesOperationRequest,
 } from '../models/index.js';
 
@@ -61,6 +61,38 @@ const { BaseAPI } = runtime;
  *
  */
 export class OrganizationsManager extends BaseAPI {
+  /**
+   * Associate a client grant with an organization
+   *
+   * @throws {RequiredError}
+   */
+  async postOrganizationClientGrants(
+    requestParameters: CreateOrganizationClientGrantsOperationRequest,
+    bodyParameters: CreateOrganizationClientGrantsRequest,
+    initOverrides?: InitOverride
+  ): Promise> {
+    runtime.validateRequiredRequestParams(requestParameters, ['id']);
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters['Content-Type'] = 'application/json';
+
+    const response = await this.request(
+      {
+        path: `/organizations/{id}/client-grants`.replace(
+          '{id}',
+          encodeURIComponent(String(requestParameters.id))
+        ),
+        method: 'POST',
+        headers: headerParameters,
+        body: bodyParameters,
+      },
+      initOverrides
+    );
+
+    return runtime.JSONApiResponse.fromResponse(response);
+  }
+
   /**
    * Remove a client grant from an organization
    *
@@ -86,6 +118,10 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
+   * Disable a specific connection for an Organization. Once disabled, Organization members can no longer use that connection to authenticate.
+   *
+   * Note: This action does not remove the connection from your tenant.
+   *
    * Delete connections from an organization
    *
    * @throws {RequiredError}
@@ -110,7 +146,7 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
-   * Delete an invitation to organization
+   * Delete an invitation to an Organization
    *
    * @throws {RequiredError}
    */
@@ -166,7 +202,11 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
-   * Remove one or more roles from a given user in the context of the provided organization
+   * Remove one or more Organization-specific roles from a given user.
+   *
+   * Users can be members of multiple Organizations with unique roles assigned for each membership. This action removes roles from a user in relation to the specified Organization. Roles assigned to the user within a different Organization cannot be managed in the same call.
+   *
+   * Delete user roles from an Organization member
    *
    * @throws {RequiredError}
    */
@@ -197,7 +237,9 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
-   * Delete a specific organization
+   * Remove an Organization from your tenant.  This action cannot be undone.
+   *
+   * Note: Members are automatically disassociated from an Organization when it is deleted. However, this action does not delete these users from your tenant.
    *
    * Delete organization
    *
@@ -224,6 +266,8 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
+   * Retrieve details about a specific connection currently enabled for an Organization. Information returned includes details such as connection ID, name, strategy, and whether the connection automatically grants membership upon login.
+   *
    * Get connections enabled for an organization
    *
    * @throws {RequiredError}
@@ -273,6 +317,8 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
+   * Retrieve details about a specific connection currently enabled for an Organization. Information returned includes details such as connection ID, name, strategy, and whether the connection automatically grants membership upon login.
+   *
    * Get an enabled connection for an organization
    *
    * @throws {RequiredError}
@@ -297,7 +343,9 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
-   * Get invitations to organization
+   * Retrieve a detailed list of invitations sent to users for a specific Organization. The list includes details such as inviter and invitee information, invitation URLs, and dates of creation and expiration. To learn more about Organization invitations, review Invite Organization Members.
+   *
+   * Get invitations to an organization
    *
    * @throws {RequiredError}
    */
@@ -358,7 +406,7 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
-   * Get an invitation to organization
+   * Get a specific invitation to an Organization
    *
    * @throws {RequiredError}
    */
@@ -488,7 +536,7 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
-   * Get a specific organization by name
+   * Retrieve details about a single Organization specified by name.
    *
    * Get organization by name
    *
@@ -497,7 +545,7 @@ export class OrganizationsManager extends BaseAPI {
   async getByName(
     requestParameters: GetNameByNameRequest,
     initOverrides?: InitOverride
-  ): Promise> {
+  ): Promise> {
     runtime.validateRequiredRequestParams(requestParameters, ['name']);
 
     const response = await this.request(
@@ -579,7 +627,11 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
-   * Get the roles assigned to an organization member
+   * Retrieve detailed list of roles assigned to a given user within the context of a specific Organization.
+   *
+   * Users can be members of multiple Organizations with unique roles assigned for each membership. This action only returns the roles associated with the specified Organization; any roles assigned to the user within other Organizations are not included.
+   *
+   * Get user roles assigned to an Organization member
    *
    * @throws {RequiredError}
    */
@@ -627,19 +679,25 @@ export class OrganizationsManager extends BaseAPI {
   }
 
   /**
-   * List available organizations. This endpoint supports two types of pagination:
-   * - Offset pagination
-   * - Checkpoint pagination
+   * Retrieve detailed list of all Organizations available in your tenant. For more information, see Auth0 Organizations.
+   *
+   * This endpoint supports two types of pagination:
+   * 
    + *
  • Offset pagination
  • + *
  • Checkpoint pagination
  • + *
* * Checkpoint pagination must be used if you need to retrieve more than 1000 organizations. * *

Checkpoint Pagination

* * To search by checkpoint, use the following parameters: - * - from: Optional id from which to start selection. - * - take: The total amount of entries to retrieve when using the from parameter. Defaults to 50. + *
    + *
  • from: Optional id from which to start selection.
  • + *
  • take: The total number of entries to retrieve when using the from parameter. Defaults to 50.
  • + *
* - * Note: The first time you call this endpoint using Checkpoint Pagination, you should omit the from parameter. If there are more results, a next value will be included in the response. You can use this for subsequent API calls. When next is no longer included in the response, this indicates there are no more pages remaining. + * Note: The first time you call this endpoint using checkpoint pagination, omit the from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining. * * Get organizations * @@ -648,11 +706,11 @@ export class OrganizationsManager extends BaseAPI { async getAll( requestParameters: GetOrganizationsRequest & { include_totals: true }, initOverrides?: InitOverride - ): Promise>; + ): Promise>; async getAll( requestParameters?: GetOrganizationsRequest, initOverrides?: InitOverride - ): Promise>>; + ): Promise>>; async getAll( requestParameters: GetOrganizationsRequest = {}, initOverrides?: InitOverride @@ -697,7 +755,7 @@ export class OrganizationsManager extends BaseAPI { } /** - * Get a specific organization + * Retrieve details about a single Organization specified by ID. * * Get organization * @@ -706,7 +764,7 @@ export class OrganizationsManager extends BaseAPI { async get( requestParameters: GetOrganizationsByIdRequest, initOverrides?: InitOverride - ): Promise> { + ): Promise> { runtime.validateRequiredRequestParams(requestParameters, ['id']); const response = await this.request( @@ -724,9 +782,9 @@ export class OrganizationsManager extends BaseAPI { } /** - * Modify an enabled_connection belonging to an Organization. + * Modify the details of a specific connection currently enabled for an Organization. * - * Modify an Organizations Connection + * Update the Connection of an Organization * * @throws {RequiredError} */ @@ -757,7 +815,7 @@ export class OrganizationsManager extends BaseAPI { } /** - * Modify an organization + * Update the details of a specific Organization, such as name and display name, branding options, and metadata. * * Modify an Organization * @@ -767,7 +825,7 @@ export class OrganizationsManager extends BaseAPI { requestParameters: PatchOrganizationsByIdOperationRequest, bodyParameters: PatchOrganizationsByIdRequest, initOverrides?: InitOverride - ): Promise> { + ): Promise> { runtime.validateRequiredRequestParams(requestParameters, ['id']); const headerParameters: runtime.HTTPHeaders = {}; @@ -791,6 +849,10 @@ export class OrganizationsManager extends BaseAPI { } /** + * Enable a specific connection for a given Organization. To enable a connection, it must already exist within your tenant; connections cannot be created through this action. + * + * Connections represent the relationship between Auth0 and a source of users. Available types of connections include database, enterprise, and social. + * * Add connections to an organization * * @throws {RequiredError} @@ -823,7 +885,9 @@ export class OrganizationsManager extends BaseAPI { } /** - * Create invitations to organization + * Create a user invitation for a specific Organization. Upon creation, the listed user receives an email inviting them to join the Organization. To learn more about Organization invitations, review Invite Organization Members. + * + * Create invitations to an organization * * @throws {RequiredError} */ @@ -855,6 +919,10 @@ export class OrganizationsManager extends BaseAPI { } /** + * Set one or more existing users as members of a specific Organization. + * + * To add a user to an Organization through this action, the user must already exist in your tenant. If a user does not yet exist, you can invite them to create an account, manually create them through the Auth0 Dashboard, or use the Management API. + * * Add members to an organization * * @throws {RequiredError} @@ -887,39 +955,11 @@ export class OrganizationsManager extends BaseAPI { } /** - * Associate a client grant with an organization + * Assign one or more roles to a user to determine their access for a specific Organization. * - * @throws {RequiredError} - */ - async postOrganizationClientGrants( - requestParameters: PostOrganizationClientGrantsOperationRequest, - bodyParameters: PostOrganizationClientGrantsRequest, - initOverrides?: InitOverride - ): Promise> { - runtime.validateRequiredRequestParams(requestParameters, ['id']); - - const headerParameters: runtime.HTTPHeaders = {}; - - headerParameters['Content-Type'] = 'application/json'; - - const response = await this.request( - { - path: `/organizations/{id}/client-grants`.replace( - '{id}', - encodeURIComponent(String(requestParameters.id)) - ), - method: 'POST', - headers: headerParameters, - body: bodyParameters, - }, - initOverrides - ); - - return runtime.JSONApiResponse.fromResponse(response); - } - - /** - * Assign one or more roles to a given user that will be applied in the context of the provided organization + * Users can be members of multiple Organizations with unique roles assigned for each membership. This action assigns roles to a user only for the specified Organization. Roles cannot be assigned to a user across multiple Organizations in the same call. + * + * Assign user roles to an Organization member * * @throws {RequiredError} */ @@ -950,7 +990,7 @@ export class OrganizationsManager extends BaseAPI { } /** - * Create an organization + * Create a new Organization within your tenant. To learn more about Organization settings, behavior, and configuration options, review Create Your First Organization. * * Create an Organization * diff --git a/src/management/__generated/managers/prompts-manager.ts b/src/management/__generated/managers/prompts-manager.ts index 3b90614f5..b68b5f553 100644 --- a/src/management/__generated/managers/prompts-manager.ts +++ b/src/management/__generated/managers/prompts-manager.ts @@ -89,12 +89,12 @@ export class PromptsManager extends BaseAPI { } /** - * View the render settings for a specific screen - * Get render settings for a prompt + * Get render settings for a screen. + * Get render settings for a screen * * @throws {RequiredError} */ - async getRendering( + async getRenderSettings( requestParameters: GetRenderingRequest, initOverrides?: InitOverride ): Promise> { @@ -141,12 +141,40 @@ export class PromptsManager extends BaseAPI { } /** - * Configure the render settings for a specific screen - * Configure render settings for a prompt + * Learn more about configuring render settings for advanced customization. + * + *

+ * Example head_tags array. See our documentation on using Liquid variables within head tags. + *

+ *
{
+   *   "head_tags": [
+   *     {
+   *       "tag": "script",
+   *       "attributes": {
+   *         "defer": true,
+   *         "src": "URL_TO_ASSET",
+   *         "async": true,
+   *         "integrity": [
+   *           "ASSET_SHA"
+   *         ]
+   *       }
+   *     },
+   *     {
+   *       "tag": "link",
+   *       "attributes": {
+   *         "href": "URL_TO_ASSET",
+   *         "rel": "stylesheet"
+   *       }
+   *     }
+   *   ]
+   * }
+   * 
+ * + * Update render settings for a screen * * @throws {RequiredError} */ - async updateRendering( + async updateRenderSettings( requestParameters: PatchRenderingOperationRequest, bodyParameters: PatchRenderingRequest, initOverrides?: InitOverride diff --git a/src/management/__generated/managers/resource-servers-manager.ts b/src/management/__generated/managers/resource-servers-manager.ts index 15ad8931a..7301ae83b 100644 --- a/src/management/__generated/managers/resource-servers-manager.ts +++ b/src/management/__generated/managers/resource-servers-manager.ts @@ -19,7 +19,7 @@ const { BaseAPI } = runtime; */ export class ResourceServersManager extends BaseAPI { /** - * Delete an existing API (also known as a resource server). + * Delete an existing API by ID. For more information, read API Settings. * Delete a resource server * * @throws {RequiredError} @@ -101,7 +101,7 @@ export class ResourceServersManager extends BaseAPI { } /** - * Retrieve an API (also known as resource server). + * Retrieve API details with the given ID. * Get a resource server * * @throws {RequiredError} @@ -135,7 +135,7 @@ export class ResourceServersManager extends BaseAPI { } /** - * Update an existing API (also known as a resource server). + * Change an existing API setting by resource server ID. For more information, read API Settings. * Update a resource server * * @throws {RequiredError} @@ -168,7 +168,7 @@ export class ResourceServersManager extends BaseAPI { } /** - * Create a new API (also known as a resource server). + * Create a new API associated with your tenant. Note that all new APIs must be registered with Auth0. For more information, read APIs. * Create a resource server * * @throws {RequiredError} diff --git a/src/management/__generated/managers/roles-manager.ts b/src/management/__generated/managers/roles-manager.ts index 8fa1490dc..32fe06ab6 100644 --- a/src/management/__generated/managers/roles-manager.ts +++ b/src/management/__generated/managers/roles-manager.ts @@ -32,7 +32,7 @@ const { BaseAPI } = runtime; */ export class RolesManager extends BaseAPI { /** - * Remove permissions associated with a role. + * Remove one or more permissions from a specified user role. * * Remove permissions from a role * @@ -66,7 +66,7 @@ export class RolesManager extends BaseAPI { } /** - * Delete a role. + * Delete a specific user role from your tenant. Once deleted, it is removed from any user who was previously assigned that role. This action cannot be undone. * * Delete a role * @@ -90,7 +90,7 @@ export class RolesManager extends BaseAPI { } /** - * Retrieve list of permissions granted by a role. + * Retrieve detailed list (name, description, resource server) of permissions granted by a specified user role. * * Get permissions granted by role * @@ -141,19 +141,25 @@ export class RolesManager extends BaseAPI { } /** - * Retrieve users associated with a role. This endpoint supports two types of pagination: - * - Offset pagination - * - Checkpoint pagination + * Retrieve list of users associated with a specific role. For Dashboard instructions, review View Users Assigned to Roles. * - * Checkpoint pagination must be used if you need to retrieve more than 1000 users for a given role. + * This endpoint supports two types of pagination: + *
    + *
  • Offset pagination
  • + *
  • Checkpoint pagination
  • + *
+ * + * Checkpoint pagination must be used if you need to retrieve more than 1000 organization members. * *

Checkpoint Pagination

* * To search by checkpoint, use the following parameters: - * - from: Optional id from which to start selection. - * - take: The total amount of entries to retrieve when using the from parameter. Defaults to 50. + *
    + *
  • from: Optional id from which to start selection.
  • + *
  • take: The total amount of entries to retrieve when using the from parameter. Defaults to 50.
  • + *
* - * Note: The first time you call this endpoint using Checkpoint Pagination, you should omit the from parameter. If there are more results, a next value will be included in the response. You can use this for subsequent API calls. When next is no longer included in the response, this indicates there are no more pages remaining. + * Note: The first time you call this endpoint using checkpoint pagination, omit the from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining. * * Get a role's users * @@ -209,7 +215,9 @@ export class RolesManager extends BaseAPI { } /** - * Retrieve filtered list of roles that can be assigned to users. + * Retrieve detailed list of user roles created in your tenant. + * + * Note: The returned list does not include standard roles available for tenant members, such as Admin or Support Access. * * Get roles * @@ -259,7 +267,7 @@ export class RolesManager extends BaseAPI { } /** - * Retrieve a role. + * Retrieve details about a specific user role specified by ID. * * Get a role * @@ -283,7 +291,7 @@ export class RolesManager extends BaseAPI { } /** - * Update a role. + * Modify the details of a specific user role specified by ID. * * Update a role * @@ -314,7 +322,7 @@ export class RolesManager extends BaseAPI { } /** - * Associate permissions with a role. + * Add one or more permissions to a specified user role. * * Associate permissions with a role * @@ -348,7 +356,10 @@ export class RolesManager extends BaseAPI { } /** - * Assign users to a role. + * Assign one or more users to an existing user role. To learn more, review Role-Based Access Control. + * + * Note: New roles cannot be created through this action. + * * Assign users to a role * * @throws {RequiredError} @@ -378,7 +389,9 @@ export class RolesManager extends BaseAPI { } /** - * Create a new role. + * Create a user role for Role-Based Access Control. + * + * Note: New roles are not associated with any permissions by default. To assign existing permissions to your role, review Associate Permissions with a Role. To create new permissions, review Add API Permissions. * * Create a role * diff --git a/src/management/__generated/managers/sessions-manager.ts b/src/management/__generated/managers/sessions-manager.ts index 462b3e2b8..6a288f0ae 100644 --- a/src/management/__generated/managers/sessions-manager.ts +++ b/src/management/__generated/managers/sessions-manager.ts @@ -4,6 +4,7 @@ import type { GetSession200Response, DeleteSessionRequest, GetSessionRequest, + RevokeSessionRequest, } from '../models/index.js'; const { BaseAPI } = runtime; @@ -57,4 +58,30 @@ export class SessionsManager extends BaseAPI { return runtime.JSONApiResponse.fromResponse(response); } + + /** + * Revokes a session by ID and all associated refresh tokens. + * Revokes a session + * + * @throws {RequiredError} + */ + async revokeSession( + requestParameters: RevokeSessionRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const response = await this.request( + { + path: `/sessions/{id}/revoke`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'POST', + }, + initOverrides + ); + + return runtime.VoidApiResponse.fromResponse(response); + } } diff --git a/src/management/__generated/managers/tickets-manager.ts b/src/management/__generated/managers/tickets-manager.ts index 5a9dbb308..c548b41fb 100644 --- a/src/management/__generated/managers/tickets-manager.ts +++ b/src/management/__generated/managers/tickets-manager.ts @@ -14,7 +14,8 @@ const { BaseAPI } = runtime; */ export class TicketsManager extends BaseAPI { /** - * Create a ticket to verify a user's email address. + * Create an email verification ticket for a given user. An email verification ticket is a generated URL that the user can consume to verify their email address. + * * Create an email verification ticket * * @throws {RequiredError} @@ -41,7 +42,10 @@ export class TicketsManager extends BaseAPI { } /** - * Create a password change ticket for a user. + * Create a password change ticket for a given user. A password change ticket is a generated URL that the user can consume to start a reset password flow. + * + * Note: This endpoint does not verify the given user’s identity. If you call this endpoint within your application, you must design your application to verify the user’s identity. + * * Create a password change ticket * * @throws {RequiredError} diff --git a/src/management/__generated/managers/user-blocks-manager.ts b/src/management/__generated/managers/user-blocks-manager.ts index 43ff3592f..6c6f66e1b 100644 --- a/src/management/__generated/managers/user-blocks-manager.ts +++ b/src/management/__generated/managers/user-blocks-manager.ts @@ -15,7 +15,9 @@ const { BaseAPI } = runtime; */ export class UserBlocksManager extends BaseAPI { /** - * Unblock a user blocked due to an excessive amount of incorrectly-provided credentials. + * Remove all Brute-force Protection blocks for the user with the given identifier (username, phone number, or email). + * + * Note: This endpoint does not unblock users that were blocked by a tenant administrator. * * Unblock by identifier * @@ -47,9 +49,9 @@ export class UserBlocksManager extends BaseAPI { } /** - * Unblock a user that was blocked due to an excessive amount of incorrectly provided credentials. + * Remove all Brute-force Protection blocks for the user with the given ID. * - * Note: This endpoint does not unblock users that were blocked by admins. + * Note: This endpoint does not unblock users that were blocked by a tenant administrator. * * Unblock a user * @@ -73,8 +75,7 @@ export class UserBlocksManager extends BaseAPI { } /** - * Retrieve a list of blocked IP addresses for a given identifier (e.g., username, phone number or email). - * + * Retrieve details of all Brute-force Protection blocks for a user with the given identifier (username, phone number, or email). * Get blocks by identifier * * @throws {RequiredError} @@ -109,8 +110,7 @@ export class UserBlocksManager extends BaseAPI { } /** - * Retrieve a list of blocked IP addresses for the login identifiers (email, username, phone number, etc) associated with the specified user. - * + * Retrieve details of all Brute-force Protection blocks for the user with the given ID. * * Get a user's blocks * diff --git a/src/management/__generated/managers/users-by-email-manager.ts b/src/management/__generated/managers/users-by-email-manager.ts index c35699eda..8cd7abd4e 100644 --- a/src/management/__generated/managers/users-by-email-manager.ts +++ b/src/management/__generated/managers/users-by-email-manager.ts @@ -9,11 +9,11 @@ const { BaseAPI } = runtime; */ export class UsersByEmailManager extends BaseAPI { /** - * If Auth0 is the identify provider (idP), the email address associated with a user is saved in lower case, regardless of how you initially provided it. For example, if you register a user as JohnSmith@example.com, Auth0 saves the user's email as johnsmith@example.com. + * Find users by email. If Auth0 is the identity provider (idP), the email address associated with a user is saved in lower case, regardless of how you initially provided it. * - * In cases where Auth0 is not the idP, the `email` is stored based on the rules of idP, so make sure the search is made using the correct capitalization. + * For example, if you register a user as JohnSmith@example.com, Auth0 saves the user's email as johnsmith@example.com. * - * When using this endpoint, make sure that you are searching for users via email addresses using the correct case. + * Therefore, when using this endpoint, make sure that you are searching for users via email addresses using the correct case. * * Search Users by Email * diff --git a/src/management/__generated/managers/users-manager.ts b/src/management/__generated/managers/users-manager.ts index e44f44e53..c1df6aba5 100644 --- a/src/management/__generated/managers/users-manager.ts +++ b/src/management/__generated/managers/users-manager.ts @@ -14,6 +14,7 @@ import type { GetUserOrganizations200Response, GetUsers200Response, GetUsers200ResponseOneOfInner, + PatchAuthenticationMethodsByAuthenticationMethodId200Response, PatchAuthenticationMethodsByAuthenticationMethodIdRequest, PostAuthenticationMethods201Response, PostAuthenticationMethodsRequest, @@ -26,14 +27,15 @@ import type { UserCreate, UserEnrollment, UserIdentity, + UserRevokeAccessRequest, UserUpdate, GetAuthenticationMethods200ResponseOneOf, GetLogs200ResponseOneOf, Log, GetPermissions200ResponseOneOf, GetPermissions200ResponseOneOfInner, - GetOrganizations200ResponseOneOf, - GetOrganizations200ResponseOneOfInner, + GetClientGrantOrganizations200ResponseOneOf, + GetClientGrantOrganizations200ResponseOneOfInner, GetOrganizationMemberRoles200ResponseOneOf, GetOrganizationMemberRoles200ResponseOneOfInner, GetUsers200ResponseOneOf, @@ -67,6 +69,7 @@ import type { PostRecoveryCodeRegenerationRequest, PostUserRolesOperationRequest, PutAuthenticationMethodsRequest, + UserRevokeAccessOperationRequest, } from '../models/index.js'; const { BaseAPI } = runtime; @@ -76,7 +79,8 @@ const { BaseAPI } = runtime; */ export class UsersManager extends BaseAPI { /** - * Deletes all authentication methods for the given user + * Remove all authentication methods (i.e., enrolled MFA factors) from the specified user account. This action cannot be undone. + * Delete all authentication methods for the given user * * @throws {RequiredError} */ @@ -101,7 +105,8 @@ export class UsersManager extends BaseAPI { } /** - * Deletes an authentication method by ID + * Remove the authentication method with the given ID from the specified user. For more information, review Manage Authentication Methods with Management API. + * Delete an authentication method by ID * * @throws {RequiredError} */ @@ -128,6 +133,7 @@ export class UsersManager extends BaseAPI { } /** + * Remove all authenticators registered to a given user ID, such as OTP, email, phone, and push-notification. This action cannot be undone. For more information, review Manage Authentication Methods with Management API. * Delete All Authenticators * * @throws {RequiredError} @@ -153,7 +159,7 @@ export class UsersManager extends BaseAPI { } /** - * Delete a multifactor configuration for a user. This forces the user to re-configure the multi-factor provider. + * Remove a multifactor authentication configuration from a user's account. This forces the user to manually reconfigure the multi-factor provider. * Delete a User's Multi-factor Provider * * @throws {RequiredError} @@ -264,7 +270,10 @@ export class UsersManager extends BaseAPI { } /** - * Unlink an identity from the target user making it a separate user account again. + * Unlink a specific secondary account from a target user. This action requires the ID of both the target user and the secondary account. + * + * Unlinking the secondary account removes it from the identities array of the target user and creates a new standalone profile for the secondary account. To learn more, review Unlink User Accounts. + * * Unlink a User Identity * * @throws {RequiredError} @@ -290,7 +299,10 @@ export class UsersManager extends BaseAPI { } /** - * Remove roles from a user. + * Remove one or more specified user roles assigned to a user. + * + * Note: This action removes a role from a user in the context of your whole tenant. If you want to unassign a role from a user in the context of a specific Organization, use the following endpoint: Delete user roles from an Organization member. + * * Removes roles from a user * * @throws {RequiredError} @@ -320,7 +332,8 @@ export class UsersManager extends BaseAPI { } /** - * Delete a user. + * Delete a user by user ID. This action cannot be undone. For Auth0 Dashboard instructions, see Delete Users. + * * Delete a User * * @throws {RequiredError} @@ -343,7 +356,8 @@ export class UsersManager extends BaseAPI { } /** - * Gets a list of authentication methods + * Retrieve detailed list of authentication methods associated with a specified user. + * Get a list of authentication methods * * @throws {RequiredError} */ @@ -392,7 +406,7 @@ export class UsersManager extends BaseAPI { } /** - * Gets an authentication method by ID. + * Get an authentication method by ID * * @throws {RequiredError} */ @@ -419,7 +433,7 @@ export class UsersManager extends BaseAPI { } /** - * Retrieve the first confirmed Guardian enrollment for a user. + * Retrieve the first multi-factor authentication enrollment that a specific user has confirmed. * Get the First Confirmed Multi-factor Authentication Enrollment * * @throws {RequiredError} @@ -636,7 +650,7 @@ export class UsersManager extends BaseAPI { } /** - * This endpoint will retrieve all organizations that the specified user is a member of. + * Retrieve list of the specified user's current Organization memberships. User must be specified by user ID. For more information, review Auth0 Organizations. * * List user's organizations * @@ -645,11 +659,11 @@ export class UsersManager extends BaseAPI { async getUserOrganizations( requestParameters: GetUserOrganizationsRequest & { include_totals: true }, initOverrides?: InitOverride - ): Promise>; + ): Promise>; async getUserOrganizations( requestParameters?: GetUserOrganizationsRequest, initOverrides?: InitOverride - ): Promise>>; + ): Promise>>; async getUserOrganizations( requestParameters: GetUserOrganizationsRequest, initOverrides?: InitOverride @@ -687,7 +701,10 @@ export class UsersManager extends BaseAPI { } /** - * List the the roles associated with a user. + * Retrieve detailed list of all user roles currently assigned to a user. + * + * Note: This action retrieves all roles assigned to a user in the context of your whole tenant. To retrieve Organization-specific roles, use the following endpoint: Get user roles assigned to an Organization member. + * * Get a user's roles * * @throws {RequiredError} @@ -817,7 +834,8 @@ export class UsersManager extends BaseAPI { } /** - * Retrieve user details. A list of fields to include or exclude may also be specified. + * Retrieve user details. A list of fields to include or exclude may also be specified. For more information, see Retrieve Users with the Get Users Endpoint. + * * Get a User * * @throws {RequiredError} @@ -852,7 +870,8 @@ export class UsersManager extends BaseAPI { } /** - * Updates an authentication method. + * Modify the authentication method with the given ID from the specified user. For more information, review Manage Authentication Methods with Management API. + * Update an authentication method * * @throws {RequiredError} */ @@ -860,7 +879,7 @@ export class UsersManager extends BaseAPI { requestParameters: PatchAuthenticationMethodsByAuthenticationMethodIdOperationRequest, bodyParameters: PatchAuthenticationMethodsByAuthenticationMethodIdRequest, initOverrides?: InitOverride - ): Promise> { + ): Promise> { runtime.validateRequiredRequestParams(requestParameters, ['id', 'authentication_method_id']); const headerParameters: runtime.HTTPHeaders = {}; @@ -916,6 +935,7 @@ export class UsersManager extends BaseAPI { *
  • If you are updating email or phone_number you can specify, optionally, the client_id property.
  • *
  • Updating email_verified is not supported for enterprise and passwordless sms connections.
  • *
  • Updating the blocked to false does not affect the user's blocked state from an excessive amount of incorrectly provided credentials. Use the "Unblock a user" endpoint from the "User Blocks" API to change the user's state.
  • + *
  • Supported attributes can be unset by supplying null as the value.
  • * * *
    Updating a field (non-metadata property)
    @@ -985,7 +1005,8 @@ export class UsersManager extends BaseAPI { } /** - * Creates an authentication method for a given user. Authentication methods created via this endpoint will be auto confirmed and should already have verification completed. + * Create an authentication method. Authentication methods created via this endpoint will be auto confirmed and should already have verification completed. + * Creates an authentication method for a given user * * @throws {RequiredError} */ @@ -1136,7 +1157,7 @@ export class UsersManager extends BaseAPI { } /** - * Remove the current multi-factor authentication recovery code and generate a new one. + * Remove an existing multi-factor authentication (MFA) recovery code and generate a new one. If a user cannot access the original device or account used for MFA enrollment, they can use a recovery code to authenticate. * Generate New Multi-factor Authentication Recovery Code * * @throws {RequiredError} @@ -1162,7 +1183,10 @@ export class UsersManager extends BaseAPI { } /** - * Associate roles with a user. + * Assign one or more existing user roles to a user. For more information, review Role-Based Access Control. + * + * Note: New roles cannot be created through this action. Additionally, this action is used to assign roles to a user in the context of your whole tenant. To assign roles in the context of a specific Organization, use the following endpoint: Assign user roles to an Organization member. + * * Assign roles to a user * * @throws {RequiredError} @@ -1221,7 +1245,10 @@ export class UsersManager extends BaseAPI { } /** - * Updates all authentication methods by replacing them with the given ones. + * Replace the specified user authentication methods with supplied values. + * + * Note: Authentication methods supplied through this action do not iterate on existing methods. Instead, any methods passed will overwrite the user’s existing settings. + * Update all authentication methods by replacing them with the given ones * * @throws {RequiredError} */ @@ -1251,4 +1278,37 @@ export class UsersManager extends BaseAPI { return runtime.JSONApiResponse.fromResponse(response); } + + /** + * Revokes selected resources related to a user (sessions, refresh tokens, ...). + * Revokes selected resources from a user + * + * @throws {RequiredError} + */ + async revokeAccess( + requestParameters: UserRevokeAccessOperationRequest, + bodyParameters: UserRevokeAccessRequest, + initOverrides?: InitOverride + ): Promise> { + runtime.validateRequiredRequestParams(requestParameters, ['id']); + + const headerParameters: runtime.HTTPHeaders = {}; + + headerParameters['Content-Type'] = 'application/json'; + + const response = await this.request( + { + path: `/users/{id}/revoke-access`.replace( + '{id}', + encodeURIComponent(String(requestParameters.id)) + ), + method: 'POST', + headers: headerParameters, + body: bodyParameters, + }, + initOverrides + ); + + return runtime.VoidApiResponse.fromResponse(response); + } } diff --git a/src/management/__generated/models/index.ts b/src/management/__generated/models/index.ts index 398e16e64..a595d5885 100644 --- a/src/management/__generated/models/index.ts +++ b/src/management/__generated/models/index.ts @@ -97,7 +97,7 @@ export interface Client { */ oidc_logout: ClientOidcLogout; /** - * List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, and `urn:ietf:params:oauth:grant-type:device_code`. + * List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`. * */ grant_types: Array; @@ -949,7 +949,7 @@ export interface ClientCreate { callbacks?: Array; /** */ - oidc_logout?: ClientCreateOidcLogout; + oidc_logout?: ClientCreateOidcLogout | null; /** * Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. * @@ -976,7 +976,7 @@ export interface ClientCreate { */ allowed_logout_urls?: Array; /** - * List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, and `urn:ietf:params:oauth:grant-type:device_code`. + * List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`. * */ grant_types?: Array; @@ -1064,10 +1064,13 @@ export interface ClientCreate { initiate_login_uri?: string; /** */ - native_social_login?: ClientCreateNativeSocialLogin | null; + native_social_login?: ClientCreateNativeSocialLogin; /** */ refresh_token?: ClientRefreshToken | null; + /** + */ + default_organization?: ClientCreateDefaultOrganization; /** * Defines how to proceed during an authentication transaction with regards an organization. Can be `deny` (default), `allow` or `require`. * @@ -1086,14 +1089,14 @@ export interface ClientCreate { * */ require_pushed_authorization_requests?: boolean; - /** - */ - signed_request_object?: ClientCreateSignedRequestObject; /** * Makes the use of Proof-of-Possession mandatory for this client * */ require_proof_of_possession?: boolean; + /** + */ + signed_request_object?: ClientCreateSignedRequestObject; /** * Defines the compliance level for this client, which may restrict it's capabilities * @@ -1177,10 +1180,10 @@ export interface ClientCreateAddons { azure_sb?: ClientCreateAddonsAzureSb; /** */ - rms?: ClientCreateAddonsRms; + rms?: ClientAddonsRms; /** */ - mscrm?: ClientCreateAddonsMscrm; + mscrm?: ClientAddonsMscrm; /** */ slack?: ClientAddonsSlack; @@ -1445,17 +1448,6 @@ export interface ClientCreateAddonsFirebase { */ lifetime_in_seconds?: number; } -/** - * Microsoft Dynamics CRM SSO configuration. - */ -export interface ClientCreateAddonsMscrm { - [key: string]: any | any; - /** - * Microsoft Dynamics CRM application URL. - * - */ - url: string; -} /** * New Relic SSO configuration. */ @@ -1483,17 +1475,6 @@ export interface ClientCreateAddonsOffice365 { */ connection?: string; } -/** - * Active Directory Rights Management Service SSO configuration. - */ -export interface ClientCreateAddonsRms { - [key: string]: any | any; - /** - * URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it. - * - */ - url: string; -} /** * Salesforce SSO configuration. */ @@ -1885,6 +1866,28 @@ export const ClientCreateClientAuthenticationMethodsTlsClientAuthCredentialsInne export type ClientCreateClientAuthenticationMethodsTlsClientAuthCredentialsInnerCredentialTypeEnum = (typeof ClientCreateClientAuthenticationMethodsTlsClientAuthCredentialsInnerCredentialTypeEnum)[keyof typeof ClientCreateClientAuthenticationMethodsTlsClientAuthCredentialsInnerCredentialTypeEnum]; +/** + * Defines the default Organization ID and flows + */ +export interface ClientCreateDefaultOrganization { + /** + * The default Organization ID to be used + * + */ + organization_id: string; + /** + * The default Organization usage + * + */ + flows: Array; +} + +export const ClientCreateDefaultOrganizationFlowsEnum = { + client_credentials: 'client_credentials', +} as const; +export type ClientCreateDefaultOrganizationFlowsEnum = + (typeof ClientCreateDefaultOrganizationFlowsEnum)[keyof typeof ClientCreateDefaultOrganizationFlowsEnum]; + /** * Encryption used for WsFed responses with this client. */ @@ -1929,6 +1932,7 @@ export interface ClientCreateJwtConfiguration { export const ClientCreateJwtConfigurationAlgEnum = { HS256: 'HS256', RS256: 'RS256', + RS512: 'RS512', PS256: 'PS256', } as const; export type ClientCreateJwtConfigurationAlgEnum = @@ -1981,10 +1985,13 @@ export interface ClientCreateMobileIos { export interface ClientCreateNativeSocialLogin { /** */ - apple?: ClientCreateNativeSocialLoginApple | null; + apple?: ClientCreateNativeSocialLoginApple; /** */ - facebook?: ClientCreateNativeSocialLoginFacebook | null; + facebook?: ClientCreateNativeSocialLoginFacebook; + /** + */ + google?: ClientCreateNativeSocialLoginGoogle; } /** * Native Social Login support for the Apple connection @@ -2006,6 +2013,16 @@ export interface ClientCreateNativeSocialLoginFacebook { */ enabled?: boolean; } +/** + * Native Social Login support for the google-oauth2 connection + */ +export interface ClientCreateNativeSocialLoginGoogle { + /** + * Determine whether or not to allow signing in natively using a Google ID token + * + */ + enabled?: boolean; +} /** * Configuration for OIDC backchannel logout */ @@ -2014,8 +2031,47 @@ export interface ClientCreateOidcLogout { * Comma-separated list of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. * */ - backchannel_logout_urls: Array; + backchannel_logout_urls?: Array; + /** + */ + backchannel_logout_initiators?: ClientCreateOidcLogoutBackchannelLogoutInitiators; +} +/** + * Configuration for OIDC backchannel logout initiators + */ +export interface ClientCreateOidcLogoutBackchannelLogoutInitiators { + [key: string]: any | any; + /** + * The `mode` property determines the configuration method for enabling initiators. `custom` enables only the initiators listed in the selected_initiators array, `all` enables all current and future initiators. + * + */ + mode: ClientCreateOidcLogoutBackchannelLogoutInitiatorsModeEnum; + /** + */ + selected_initiators?: Array; } + +export const ClientCreateOidcLogoutBackchannelLogoutInitiatorsModeEnum = { + custom: 'custom', + all: 'all', +} as const; +export type ClientCreateOidcLogoutBackchannelLogoutInitiatorsModeEnum = + (typeof ClientCreateOidcLogoutBackchannelLogoutInitiatorsModeEnum)[keyof typeof ClientCreateOidcLogoutBackchannelLogoutInitiatorsModeEnum]; + +export const ClientCreateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum = { + rp_logout: 'rp-logout', + idp_logout: 'idp-logout', + password_changed: 'password-changed', + session_expired: 'session-expired', + session_revoked: 'session-revoked', + account_deleted: 'account-deleted', + email_identifier_changed: 'email-identifier-changed', + mfa_phone_unenrolled: 'mfa-phone-unenrolled', + account_deactivated: 'account-deactivated', +} as const; +export type ClientCreateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum = + (typeof ClientCreateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum)[keyof typeof ClientCreateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum]; + /** * JWT-secured Authorization Requests (JAR) settings. */ @@ -2185,6 +2241,7 @@ export interface ClientJwtConfiguration { export const ClientJwtConfigurationAlgEnum = { HS256: 'HS256', RS256: 'RS256', + RS512: 'RS512', PS256: 'PS256', } as const; export type ClientJwtConfigurationAlgEnum = @@ -2404,7 +2461,7 @@ export interface ClientUpdate { callbacks?: Array; /** */ - oidc_logout?: ClientUpdateOidcLogout | null; + oidc_logout?: ClientCreateOidcLogout | null; /** * A set of URLs that represents valid origins for CORS * @@ -2416,7 +2473,7 @@ export interface ClientUpdate { */ web_origins?: Array; /** - * A set of grant types that the client is authorized to use + * A set of grant types that the client is authorized to use. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`. * */ grant_types?: Array; @@ -2681,7 +2738,7 @@ export interface ClientUpdateAddons { office365?: ClientCreateAddonsOffice365; /** */ - salesforce?: ClientUpdateAddonsSalesforce; + salesforce?: ClientCreateAddonsSalesforce; /** */ salesforce_api?: ClientCreateAddonsSalesforceApi; @@ -2696,7 +2753,7 @@ export interface ClientUpdateAddons { layer?: ClientAddonsLayer; /** */ - sap_api?: ClientUpdateAddonsSapApi; + sap_api?: ClientCreateAddonsSapApi; /** */ sharepoint?: ClientCreateAddonsSharepoint; @@ -2726,53 +2783,6 @@ export interface ClientUpdateAddons { */ oag?: object | null; } -/** - * Salesforce SSO configuration. - */ -export interface ClientUpdateAddonsSalesforce { - [key: string]: any | any; - /** - * Arbitrary logical URL that identifies the Saleforce resource. e.g. `https://acme-org.com`. - * - */ - entity_id?: string; -} -/** - * SAP API addon configuration. - */ -export interface ClientUpdateAddonsSapApi { - [key: string]: any | any; - /** - * If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_id must be set and equal the client_id form parameter of the access token request. - * - */ - clientid?: string; - /** - * Name of the property in the user object that maps to a SAP username. e.g. `email`. - * - */ - usernameAttribute?: string; - /** - * Your SAP OData server OAuth2 token endpoint URL. - * - */ - tokenEndpointUrl?: string; - /** - * Requested scope for SAP APIs. - * - */ - scope?: string; - /** - * Service account password to use to authenticate API calls to the token endpoint. - * - */ - servicePassword?: string; - /** - * NameID element of the Subject which can be used to express the user's identity. Defaults to `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`. - * - */ - nameIdentifierFormat?: string; -} /** * Defines client authentication methods. */ @@ -2829,6 +2839,7 @@ export interface ClientUpdateJwtConfiguration { export const ClientUpdateJwtConfigurationAlgEnum = { HS256: 'HS256', RS256: 'RS256', + RS512: 'RS512', PS256: 'PS256', } as const; export type ClientUpdateJwtConfigurationAlgEnum = @@ -2881,73 +2892,44 @@ export interface ClientUpdateMobileIos { export interface ClientUpdateNativeSocialLogin { /** */ - apple?: ClientCreateNativeSocialLoginApple | null; + apple?: ClientUpdateNativeSocialLoginApple | null; /** */ - facebook?: ClientCreateNativeSocialLoginFacebook | null; + facebook?: ClientUpdateNativeSocialLoginFacebook | null; /** */ google?: ClientUpdateNativeSocialLoginGoogle | null; } /** - * Native Social Login support for the google-oauth2 connection + * Native Social Login support for the Apple connection */ -export interface ClientUpdateNativeSocialLoginGoogle { +export interface ClientUpdateNativeSocialLoginApple { /** - * Determine whether or not to allow signing in natively using a Google ID token + * Determine whether or not to allow signing in natively using an Apple authorization code * */ enabled?: boolean; } /** - * Configuration for OIDC backchannel logout + * Native Social Login support for the Facebook connection */ -export interface ClientUpdateOidcLogout { +export interface ClientUpdateNativeSocialLoginFacebook { /** - * Comma-separated list of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. + * Determine whether or not to allow signing in natively using Facebook * */ - backchannel_logout_urls?: Array; - /** - */ - backchannel_logout_initiators?: ClientUpdateOidcLogoutBackchannelLogoutInitiators; + enabled?: boolean; } /** - * Configuration for OIDC backchannel logout initiators + * Native Social Login support for the google-oauth2 connection */ -export interface ClientUpdateOidcLogoutBackchannelLogoutInitiators { - [key: string]: any | any; +export interface ClientUpdateNativeSocialLoginGoogle { /** - * The `mode` property determines the configuration method for enabling initiators. `custom` enables only the initiators listed in the selected_initiators array, `all` enables all current and future initiators. + * Determine whether or not to allow signing in natively using a Google ID token * */ - mode: ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum; - /** - */ - selected_initiators?: Array; + enabled?: boolean; } - -export const ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum = { - custom: 'custom', - all: 'all', -} as const; -export type ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum = - (typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum)[keyof typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum]; - -export const ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum = { - rp_logout: 'rp-logout', - idp_logout: 'idp-logout', - password_changed: 'password-changed', - session_expired: 'session-expired', - session_revoked: 'session-revoked', - account_deleted: 'account-deleted', - email_identifier_changed: 'email-identifier-changed', - mfa_phone_unenrolled: 'mfa-phone-unenrolled', - account_deactivated: 'account-deactivated', -} as const; -export type ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum = - (typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum)[keyof typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum]; - /** * JWT-secured Authorization Requests (JAR) settings. */ @@ -2976,6 +2958,8 @@ export interface Connection { */ display_name: string; /** + * In order to return options in the response, the `read:connections_options` scope must be present + * */ options: { [key: string]: any }; /** @@ -3037,8 +3021,15 @@ export interface ConnectionCreate { */ enabled_clients?: Array; /** + * true promotes to a domain-level connection so that third-party applications can use it. false does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to false.) + * */ is_domain_connection?: boolean; + /** + * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to false.) + * + */ + show_as_button?: boolean; /** * Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm. * @@ -3130,6 +3121,14 @@ export interface ConnectionCreateOptions { * */ non_persistent_attrs?: Array; + /** + * Order of precedence for attribute types. If the property is not specified, the default precedence of attributes will be used. + * + */ + precedence?: Array; + /** + */ + attributes?: ConnectionCreateOptionsAttributes; /** */ enable_script_context?: boolean; @@ -3202,15 +3201,26 @@ export interface ConnectionCreateOptions { */ upstream_params?: { [key: string]: any } | null; /** - * Determines whether the 'name', 'given_name', 'family_name', 'nickname', and 'picture' attributes can be independently updated when using an external IdP. Possible values are 'on_each_login' (default value, it configures the connection to automatically update the root attributes from the external IdP with each user login. When this setting is used, root attributes cannot be independently updated), 'on_first_login' (configures the connection to only set the root attributes on first login, allowing them to be independently updated thereafter) + * When using an external IdP, this flag determines whether 'name', 'given_name', 'family_name', 'nickname', and 'picture' attributes are updated. In addition, it also determines whether the user is created when user doesnt exist previously. Possible values are 'on_each_login' (default value, it configures the connection to automatically create the user if necessary and update the root attributes from the external IdP with each user login. When this setting is used, root attributes cannot be independently updated), 'on_first_login' (configures the connection to create the user and set the root attributes on first login only, allowing them to be independently updated thereafter), and 'never_on_login' (configures the connection not to create the user and not to set the root attributes from the external IdP, allowing them to be independently updated). * */ set_user_root_attributes?: ConnectionCreateOptionsSetUserRootAttributesEnum; /** */ gateway_authentication?: ConnectionCreateOptionsGatewayAuthentication | null; + /** + */ + configuration?: ConnectionCreateOptionsConfiguration; } +export const ConnectionCreateOptionsPrecedenceEnum = { + email: 'email', + phone_number: 'phone_number', + username: 'username', +} as const; +export type ConnectionCreateOptionsPrecedenceEnum = + (typeof ConnectionCreateOptionsPrecedenceEnum)[keyof typeof ConnectionCreateOptionsPrecedenceEnum]; + export const ConnectionCreateOptionsPasswordPolicyEnum = { none: 'none', low: 'low', @@ -3223,102 +3233,266 @@ export type ConnectionCreateOptionsPasswordPolicyEnum = (typeof ConnectionCreateOptionsPasswordPolicyEnum)[keyof typeof ConnectionCreateOptionsPasswordPolicyEnum]; export const ConnectionCreateOptionsSetUserRootAttributesEnum = { - each_login: 'on_each_login', - first_login: 'on_first_login', + on_each_login: 'on_each_login', + on_first_login: 'on_first_login', + never_on_login: 'never_on_login', } as const; export type ConnectionCreateOptionsSetUserRootAttributesEnum = (typeof ConnectionCreateOptionsSetUserRootAttributesEnum)[keyof typeof ConnectionCreateOptionsSetUserRootAttributesEnum]; /** - * Options for enabling authentication methods. + * Attribute configuration */ -export interface ConnectionCreateOptionsAuthenticationMethods { +export interface ConnectionCreateOptionsAttributes { /** */ - password?: ConnectionCreateOptionsAuthenticationMethodsPassword; + email?: ConnectionCreateOptionsAttributesEmail; /** */ - passkey?: ConnectionCreateOptionsAuthenticationMethodsPasskey; + phone_number?: ConnectionCreateOptionsAttributesPhoneNumber; + /** + */ + username?: ConnectionCreateOptionsAttributesUsername; } /** - * Passkey authentication enablement + * Configuration for the email attribute for users. */ -export interface ConnectionCreateOptionsAuthenticationMethodsPasskey { +export interface ConnectionCreateOptionsAttributesEmail { + [key: string]: any | any; /** - * Determines whether passkeys are enabled + */ + identifier?: ConnectionCreateOptionsAttributesEmailIdentifier; + /** + * Determines if property should be required for users * */ - enabled?: boolean; + profile_required?: boolean; + /** + */ + signup?: ConnectionCreateOptionsAttributesEmailSignup; } /** - * Password authentication enablement + * */ -export interface ConnectionCreateOptionsAuthenticationMethodsPassword { +export interface ConnectionCreateOptionsAttributesEmailIdentifier { /** - * Determines whether passwords are enabled + * Determines if the attribute is used for identification * */ - enabled?: boolean; + active?: boolean; } /** - * A map of scripts used to integrate with a custom database. + * */ -export interface ConnectionCreateOptionsCustomScripts { - [key: string]: any | any; +export interface ConnectionCreateOptionsAttributesEmailSignup { /** */ - login?: string; + status?: ConnectionCreateOptionsAttributesEmailSignupStatusEnum; /** */ - get_user?: string; + verification?: ConnectionCreateOptionsAttributesEmailSignupVerification; +} + +export const ConnectionCreateOptionsAttributesEmailSignupStatusEnum = { + required: 'required', + optional: 'optional', + inactive: 'inactive', +} as const; +export type ConnectionCreateOptionsAttributesEmailSignupStatusEnum = + (typeof ConnectionCreateOptionsAttributesEmailSignupStatusEnum)[keyof typeof ConnectionCreateOptionsAttributesEmailSignupStatusEnum]; + +/** + * + */ +export interface ConnectionCreateOptionsAttributesEmailSignupVerification { /** */ - _delete?: string; + active?: boolean; +} +/** + * Configuration for the phone number attribute for users. + */ +export interface ConnectionCreateOptionsAttributesPhoneNumber { /** */ - change_password?: string; + identifier?: ConnectionCreateOptionsAttributesEmailIdentifier; /** + * Determines if property should be required for users + * */ - verify?: string; + profile_required?: boolean; /** */ - create?: string; + signup?: ConnectionCreateOptionsAttributesEmailSignup; } /** - * Token-based authentication settings to be applied when connection is using an sms strategy. + * Configuration for the username attribute for users. */ -export interface ConnectionCreateOptionsGatewayAuthentication { - [key: string]: any | any; - /** - * The Authorization header type. - * - */ - method: string; +export interface ConnectionCreateOptionsAttributesUsername { /** - * The subject to be added to the JWT payload. - * */ - subject?: string; + identifier?: ConnectionCreateOptionsAttributesEmailIdentifier; /** - * The audience to be added to the JWT payload. + * Determines if property should be required for users * */ - audience: string; + profile_required?: boolean; /** - * The secret to be used for signing tokens. - * */ - secret: string; + signup?: ConnectionCreateOptionsAttributesUsernameSignup; /** - * Set to true if the provided secret is base64 encoded. - * */ - secret_base64_encoded?: boolean; + validation?: ConnectionCreateOptionsAttributesUsernameValidation; } /** - * Options for the passkey authentication method + * */ -export interface ConnectionCreateOptionsPasskeyOptions { +export interface ConnectionCreateOptionsAttributesUsernameSignup { + /** + */ + status?: ConnectionCreateOptionsAttributesUsernameSignupStatusEnum; +} + +export const ConnectionCreateOptionsAttributesUsernameSignupStatusEnum = { + required: 'required', + optional: 'optional', + inactive: 'inactive', +} as const; +export type ConnectionCreateOptionsAttributesUsernameSignupStatusEnum = + (typeof ConnectionCreateOptionsAttributesUsernameSignupStatusEnum)[keyof typeof ConnectionCreateOptionsAttributesUsernameSignupStatusEnum]; + +/** + * + */ +export interface ConnectionCreateOptionsAttributesUsernameValidation { + /** + * Minimum allowed length + * + */ + min_length?: number; + /** + * Maximum allowed length + * + */ + max_length?: number; + /** + */ + allowed_types?: ConnectionCreateOptionsAttributesUsernameValidationAllowedTypes; +} +/** + * + */ +export interface ConnectionCreateOptionsAttributesUsernameValidationAllowedTypes { + /** + */ + email?: boolean; + /** + */ + phone_number?: boolean; +} +/** + * Options for enabling authentication methods. + */ +export interface ConnectionCreateOptionsAuthenticationMethods { + /** + */ + password?: ConnectionCreateOptionsAuthenticationMethodsPassword; + /** + */ + passkey?: ConnectionCreateOptionsAuthenticationMethodsPasskey; +} +/** + * Passkey authentication enablement + */ +export interface ConnectionCreateOptionsAuthenticationMethodsPasskey { + /** + * Determines whether passkeys are enabled + * + */ + enabled?: boolean; +} +/** + * Password authentication enablement + */ +export interface ConnectionCreateOptionsAuthenticationMethodsPassword { + /** + * Determines whether passwords are enabled + * + */ + enabled?: boolean; +} +/** + * Stores encrypted string only configurations for connections + */ +export type ConnectionCreateOptionsConfiguration = Array | { [key: string]: any }; +/** + * A map of scripts used to integrate with a custom database. + */ +export interface ConnectionCreateOptionsCustomScripts { + [key: string]: any | any; + /** + */ + login?: string; + /** + */ + get_user?: string; + /** + */ + _delete?: string; + /** + */ + change_password?: string; + /** + */ + verify?: string; + /** + */ + create?: string; + /** + */ + change_username?: string; + /** + */ + change_email?: string; + /** + */ + change_phone_number?: string; +} +/** + * Token-based authentication settings to be applied when connection is using an sms strategy. + */ +export interface ConnectionCreateOptionsGatewayAuthentication { + [key: string]: any | any; + /** + * The Authorization header type. + * + */ + method: string; + /** + * The subject to be added to the JWT payload. + * + */ + subject?: string; + /** + * The audience to be added to the JWT payload. + * + */ + audience: string; + /** + * The secret to be used for signing tokens. + * + */ + secret: string; + /** + * Set to true if the provided secret is base64 encoded. + * + */ + secret_base64_encoded?: boolean; +} +/** + * Options for the passkey authentication method + */ +export interface ConnectionCreateOptionsPasskeyOptions { /** * Controls the UI used to challenge the user for their passkey. * @@ -3379,7 +3553,7 @@ export interface ConnectionCreateOptionsPasswordHistory { size?: number; } /** - * Options for password expiration policy + * Options for personal info in passwords policy */ export interface ConnectionCreateOptionsPasswordNoPersonalInfo { /** @@ -3405,6 +3579,51 @@ export interface ConnectionCreateOptionsValidationUsername { */ max: number; } +/** + * + */ +export interface ConnectionForList { + /** + * The name of the connection + * + */ + name?: string; + /** + * Connection name used in login screen + * + */ + display_name?: string; + /** + * In order to return options in the response, the `read:connections_options` scope must be present + * + */ + options?: { [key: string]: any }; + /** + * The connection's identifier + * + */ + id?: string; + /** + * The type of the connection, related to the identity provider + * + */ + strategy?: string; + /** + * Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm. + * + */ + realms?: Array; + /** + * True if the connection is domain level + * + */ + is_domain_connection?: boolean; + /** + * Metadata associated with the connection in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. + * + */ + metadata?: { [key: string]: any }; +} /** * */ @@ -3423,8 +3642,15 @@ export interface ConnectionUpdate { */ enabled_clients?: Array; /** + * true promotes to a domain-level connection so that third-party applications can use it. false does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to false.) + * */ is_domain_connection?: boolean; + /** + * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to false.) + * + */ + show_as_button?: boolean; /** * Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm. * @@ -3437,7 +3663,7 @@ export interface ConnectionUpdate { metadata?: { [key: string]: any }; } /** - * The connection's options (depend on the connection strategy) + * The connection's options (depend on the connection strategy). To update these options, the `update:connections_options` scope must be present. To verify your changes, also include the `read:connections_options` scope. If this scope is not specified, you will not be able to review the updated object. */ export interface ConnectionUpdateOptions { [key: string]: any | any; @@ -3449,6 +3675,14 @@ export interface ConnectionUpdateOptions { * */ non_persistent_attrs?: Array; + /** + * Order of precedence for attribute types. If the property is not specified, the default precedence of attributes will be used. + * + */ + precedence?: Array; + /** + */ + attributes?: ConnectionCreateOptionsAttributes; /** */ enable_script_context?: boolean; @@ -3521,15 +3755,26 @@ export interface ConnectionUpdateOptions { */ upstream_params?: { [key: string]: any } | null; /** - * Determines whether the 'name', 'given_name', 'family_name', 'nickname', and 'picture' attributes can be independently updated when using an external IdP. Possible values are 'on_each_login' (default value, it configures the connection to automatically update the root attributes from the external IdP with each user login. When this setting is used, root attributes cannot be independently updated), 'on_first_login' (configures the connection to only set the root attributes on first login, allowing them to be independently updated thereafter) + * When using an external IdP, this flag determines whether 'name', 'given_name', 'family_name', 'nickname', and 'picture' attributes are updated. In addition, it also determines whether the user is created when user doesnt exist previously. Possible values are 'on_each_login' (default value, it configures the connection to automatically create the user if necessary and update the root attributes from the external IdP with each user login. When this setting is used, root attributes cannot be independently updated), 'on_first_login' (configures the connection to create the user and set the root attributes on first login only, allowing them to be independently updated thereafter), and 'never_on_login' (configures the connection not to create the user and not to set the root attributes from the external IdP, allowing them to be independently updated). * */ set_user_root_attributes?: ConnectionUpdateOptionsSetUserRootAttributesEnum; /** */ gateway_authentication?: ConnectionCreateOptionsGatewayAuthentication | null; + /** + */ + configuration?: ConnectionCreateOptionsConfiguration; } +export const ConnectionUpdateOptionsPrecedenceEnum = { + email: 'email', + phone_number: 'phone_number', + username: 'username', +} as const; +export type ConnectionUpdateOptionsPrecedenceEnum = + (typeof ConnectionUpdateOptionsPrecedenceEnum)[keyof typeof ConnectionUpdateOptionsPrecedenceEnum]; + export const ConnectionUpdateOptionsPasswordPolicyEnum = { none: 'none', low: 'low', @@ -3542,12 +3787,94 @@ export type ConnectionUpdateOptionsPasswordPolicyEnum = (typeof ConnectionUpdateOptionsPasswordPolicyEnum)[keyof typeof ConnectionUpdateOptionsPasswordPolicyEnum]; export const ConnectionUpdateOptionsSetUserRootAttributesEnum = { - each_login: 'on_each_login', - first_login: 'on_first_login', + on_each_login: 'on_each_login', + on_first_login: 'on_first_login', + never_on_login: 'never_on_login', } as const; export type ConnectionUpdateOptionsSetUserRootAttributesEnum = (typeof ConnectionUpdateOptionsSetUserRootAttributesEnum)[keyof typeof ConnectionUpdateOptionsSetUserRootAttributesEnum]; +/** + * + */ +export interface CreateOrganizationClientGrantsRequest { + /** + * A Client Grant ID to add to the organization. + * + */ + grant_id: string; +} +/** + * Phone provider configuration schema + */ +export interface CreatePhoneProviderRequest { + [key: string]: any | any; + /** + * Name of the phone notification provider + * + */ + name: CreatePhoneProviderRequestNameEnum; + /** + * Whether the provider is enabled (false) or disabled (true). + * + */ + disabled?: boolean; + /** + */ + configuration?: GetBrandingPhoneProviders200ResponseProvidersInnerConfiguration; + /** + */ + credentials: CreatePhoneProviderRequestCredentials; +} + +export const CreatePhoneProviderRequestNameEnum = { + twilio: 'twilio', + custom: 'custom', +} as const; +export type CreatePhoneProviderRequestNameEnum = + (typeof CreatePhoneProviderRequestNameEnum)[keyof typeof CreatePhoneProviderRequestNameEnum]; + +/** + * Provider credentials required to use authenticate to the provider. + */ +export type CreatePhoneProviderRequestCredentials = + | CreatePhoneProviderRequestCredentialsAnyOf + | object; +/** + * + */ +export interface CreatePhoneProviderRequestCredentialsAnyOf { + /** + */ + auth_token: string; +} +/** + * + */ +export interface CreatePhoneTemplateRequest { + /** + */ + type?: CreatePhoneTemplateRequestTypeEnum; + /** + * Whether the template is enabled (false) or disabled (true). + * + */ + disabled?: boolean; + /** + */ + content?: GetPhoneTemplates200ResponseTemplatesInnerContent; +} + +export const CreatePhoneTemplateRequestTypeEnum = { + otp_verify: 'otp_verify', + otp_enroll: 'otp_enroll', + change_password: 'change_password', + blocked_account: 'blocked_account', + password_breach: 'password_breach', +} as const; +export type CreatePhoneTemplateRequestTypeEnum = + (typeof CreatePhoneTemplateRequestTypeEnum)[keyof typeof CreatePhoneTemplateRequestTypeEnum]; + /** * */ @@ -3719,102 +4046,261 @@ export interface DeviceCredential { * Type of credential. Can be `public_key`, `refresh_token`, or `rotating_refresh_token`. * */ - type?: DeviceCredentialTypeEnum; + type?: DeviceCredentialTypeEnum; + /** + * user_id this credential is associated with. + * + */ + user_id?: string; + /** + * client_id of the client (application) this credential is for. + * + */ + client_id?: string; +} + +export const DeviceCredentialTypeEnum = { + public_key: 'public_key', + refresh_token: 'refresh_token', + rotating_refresh_token: 'rotating_refresh_token', +} as const; +export type DeviceCredentialTypeEnum = + (typeof DeviceCredentialTypeEnum)[keyof typeof DeviceCredentialTypeEnum]; + +/** + * + */ +export interface DeviceCredentialCreate { + [key: string]: any | any; + /** + * Name for this device easily recognized by owner. + * + */ + device_name: string; + /** + * Type of credential. Must be `public_key`. + * + */ + type: DeviceCredentialCreateTypeEnum; + /** + * Base64 encoded string containing the credential. + * + */ + value: string; + /** + * Unique identifier for the device. Recommend using Android_ID on Android and identifierForVendor. + * + */ + device_id: string; + /** + * client_id of the client (application) this credential is for. + * + */ + client_id?: string; +} + +export const DeviceCredentialCreateTypeEnum = { + public_key: 'public_key', +} as const; +export type DeviceCredentialCreateTypeEnum = + (typeof DeviceCredentialCreateTypeEnum)[keyof typeof DeviceCredentialCreateTypeEnum]; + +/** + * + */ +export interface EmailProvider { + /** + */ + getPayloadSchema: any | null; +} +/** + * + */ +export interface EmailProviderCreate { + /** + * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`. + * + */ + name: EmailProviderCreateNameEnum; + /** + * Whether the provider is enabled (true) or disabled (false). + * + */ + enabled?: boolean; + /** + * Email address to use as "from" when no other address specified. + * + */ + default_from_address?: string; + /** + */ + credentials: EmailProviderCreateCredentials; + /** + * Specific provider setting + * + */ + settings?: { [key: string]: any } | null; +} + +export const EmailProviderCreateNameEnum = { + mailgun: 'mailgun', + mandrill: 'mandrill', + sendgrid: 'sendgrid', + ses: 'ses', + sparkpost: 'sparkpost', + smtp: 'smtp', + azure_cs: 'azure_cs', + ms365: 'ms365', + custom: 'custom', +} as const; +export type EmailProviderCreateNameEnum = + (typeof EmailProviderCreateNameEnum)[keyof typeof EmailProviderCreateNameEnum]; + +/** + * Credentials required to use the provider. + */ +export type EmailProviderCreateCredentials = + | EmailProviderCreateCredentialsAnyOf + | EmailProviderCreateCredentialsAnyOf1 + | EmailProviderCreateCredentialsAnyOf2 + | EmailProviderCreateCredentialsAnyOf3 + | EmailProviderCreateCredentialsAnyOf4 + | EmailProviderCreateCredentialsAnyOf5 + | EmailProviderUpdateCredentialsAnyOf + | object; +/** + * + */ +export interface EmailProviderCreateCredentialsAnyOf { + /** + * AWS Access Key ID. + * + */ + accessKeyId: string; + /** + * AWS Secret Access Key. + * + */ + secretAccessKey: string; + /** + * AWS region. + * + */ + region: string; +} +/** + * + */ +export interface EmailProviderCreateCredentialsAnyOf1 { + /** + */ + smtp_host: EmailProviderUpdateCredentialsAnyOf2SmtpHost; + /** + * SMTP port. + * + */ + smtp_port: number; /** - * user_id this credential is associated with. + * SMTP username. * */ - user_id?: string; + smtp_user: string; /** - * client_id of the client (application) this credential is for. + * SMTP password. * */ - client_id?: string; + smtp_pass: string; } - -export const DeviceCredentialTypeEnum = { - public_key: 'public_key', - refresh_token: 'refresh_token', - rotating_refresh_token: 'rotating_refresh_token', -} as const; -export type DeviceCredentialTypeEnum = - (typeof DeviceCredentialTypeEnum)[keyof typeof DeviceCredentialTypeEnum]; - /** * */ -export interface DeviceCredentialCreate { - [key: string]: any | any; +export interface EmailProviderCreateCredentialsAnyOf2 { /** - * Name for this device easily recognized by owner. + * API Key * */ - device_name: string; + api_key: string; /** - * Type of credential. Must be `public_key`. + * Set to eu to use SparkPost service hosted in Western Europe. To use SparkPost hosted in North America, set it to null. * */ - type: DeviceCredentialCreateTypeEnum; + region?: EmailProviderCreateCredentialsAnyOf2RegionEnum; +} + +export const EmailProviderCreateCredentialsAnyOf2RegionEnum = { + eu: 'eu', + null: 'null', +} as const; +export type EmailProviderCreateCredentialsAnyOf2RegionEnum = + (typeof EmailProviderCreateCredentialsAnyOf2RegionEnum)[keyof typeof EmailProviderCreateCredentialsAnyOf2RegionEnum]; + +/** + * + */ +export interface EmailProviderCreateCredentialsAnyOf3 { /** - * Base64 encoded string containing the credential. + * API Key * */ - value: string; + api_key: string; /** - * Unique identifier for the device. Recommend using Android_ID on Android and identifierForVendor. + * Domain * */ - device_id: string; + domain: string; /** - * client_id of the client (application) this credential is for. + * Set to eu if your domain is provisioned to use Mailgun's EU region. Otherwise, set to null. * */ - client_id?: string; + region?: EmailProviderCreateCredentialsAnyOf3RegionEnum; } -export const DeviceCredentialCreateTypeEnum = { - public_key: 'public_key', +export const EmailProviderCreateCredentialsAnyOf3RegionEnum = { + eu: 'eu', + null: 'null', } as const; -export type DeviceCredentialCreateTypeEnum = - (typeof DeviceCredentialCreateTypeEnum)[keyof typeof DeviceCredentialCreateTypeEnum]; +export type EmailProviderCreateCredentialsAnyOf3RegionEnum = + (typeof EmailProviderCreateCredentialsAnyOf3RegionEnum)[keyof typeof EmailProviderCreateCredentialsAnyOf3RegionEnum]; /** * */ -export interface EmailProvider { +export interface EmailProviderCreateCredentialsAnyOf4 { /** - * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, or `ms365`. + * Azure Communication Services Connection String. * */ - name: string; + connectionString: string; +} +/** + * + */ +export interface EmailProviderCreateCredentialsAnyOf5 { /** - * Whether the provider is enabled (true) or disabled (false). + * Microsoft 365 Tenant ID. * */ - enabled: boolean; + tenantId: string; /** - * Email address to use as "from" when no other address specified. + * Microsoft 365 Client ID. * */ - default_from_address: string; - /** - */ - credentials: EmailProviderCredentials; + clientId: string; /** - * Specific provider setting + * Microsoft 365 Client Secret. * */ - settings: { [key: string]: any }; + clientSecret: string; } /** * */ -export interface EmailProviderCreate { +export interface EmailProviderUpdate { /** - * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, or `ms365`. + * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`. * */ - name: EmailProviderCreateNameEnum; + name?: EmailProviderUpdateNameEnum; /** * Whether the provider is enabled (true) or disabled (false). * @@ -3827,7 +4313,7 @@ export interface EmailProviderCreate { default_from_address?: string; /** */ - credentials: EmailProviderUpdateCredentials; + credentials?: EmailProviderUpdateCredentials; /** * Specific provider setting * @@ -3835,7 +4321,7 @@ export interface EmailProviderCreate { settings?: { [key: string]: any } | null; } -export const EmailProviderCreateNameEnum = { +export const EmailProviderUpdateNameEnum = { mailgun: 'mailgun', mandrill: 'mandrill', sendgrid: 'sendgrid', @@ -3844,92 +4330,167 @@ export const EmailProviderCreateNameEnum = { smtp: 'smtp', azure_cs: 'azure_cs', ms365: 'ms365', + custom: 'custom', } as const; -export type EmailProviderCreateNameEnum = - (typeof EmailProviderCreateNameEnum)[keyof typeof EmailProviderCreateNameEnum]; +export type EmailProviderUpdateNameEnum = + (typeof EmailProviderUpdateNameEnum)[keyof typeof EmailProviderUpdateNameEnum]; /** * Credentials required to use the provider. */ -export interface EmailProviderCredentials { +export type EmailProviderUpdateCredentials = + | EmailProviderUpdateCredentialsAnyOf + | EmailProviderUpdateCredentialsAnyOf1 + | EmailProviderUpdateCredentialsAnyOf2 + | EmailProviderUpdateCredentialsAnyOf3 + | EmailProviderUpdateCredentialsAnyOf4 + | EmailProviderUpdateCredentialsAnyOf5 + | EmailProviderUpdateCredentialsAnyOf6 + | object; +/** + * + */ +export interface EmailProviderUpdateCredentialsAnyOf { + /** + * API Key + * + */ + api_key: string; +} +/** + * + */ +export interface EmailProviderUpdateCredentialsAnyOf1 { /** - * API User. + * AWS Access Key ID. * */ - api_user: string; + accessKeyId?: string; /** - * AWS or SparkPost region. + * AWS Secret Access Key. * */ - region: string; + secretAccessKey?: string; /** - * SMTP host. + * AWS region. * */ - smtp_host: string; + region?: string; +} +/** + * + */ +export interface EmailProviderUpdateCredentialsAnyOf2 { + /** + */ + smtp_host?: EmailProviderUpdateCredentialsAnyOf2SmtpHost; /** * SMTP port. * */ - smtp_port: number; + smtp_port?: number; /** * SMTP username. * */ - smtp_user: string; + smtp_user?: string; + /** + * SMTP password. + * + */ + smtp_pass?: string; } +/** + * SMTP host. + */ +export type EmailProviderUpdateCredentialsAnyOf2SmtpHost = string; /** * */ -export interface EmailProviderUpdate { +export interface EmailProviderUpdateCredentialsAnyOf3 { /** - * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, or `ms365`. + * API Key * */ - name?: EmailProviderUpdateNameEnum; + api_key?: string; /** - * Whether the provider is enabled (true) or disabled (false). + * Set to eu to use SparkPost service hosted in Western Europe. To use SparkPost hosted in North America, set it to null. * */ - enabled?: boolean; + region?: EmailProviderUpdateCredentialsAnyOf3RegionEnum; +} + +export const EmailProviderUpdateCredentialsAnyOf3RegionEnum = { + eu: 'eu', + null: 'null', +} as const; +export type EmailProviderUpdateCredentialsAnyOf3RegionEnum = + (typeof EmailProviderUpdateCredentialsAnyOf3RegionEnum)[keyof typeof EmailProviderUpdateCredentialsAnyOf3RegionEnum]; + +/** + * + */ +export interface EmailProviderUpdateCredentialsAnyOf4 { /** - * Email address to use as "from" when no other address specified. + * API Key * */ - default_from_address?: string; + api_key?: string; /** + * Domain + * */ - credentials?: EmailProviderUpdateCredentials; + domain?: string; /** - * Specific provider setting + * Set to eu if your domain is provisioned to use Mailgun's EU region. Otherwise, set to null. * */ - settings?: { [key: string]: any } | null; + region?: EmailProviderUpdateCredentialsAnyOf4RegionEnum; } -export const EmailProviderUpdateNameEnum = { - mailgun: 'mailgun', - mandrill: 'mandrill', - sendgrid: 'sendgrid', - ses: 'ses', - sparkpost: 'sparkpost', - smtp: 'smtp', - azure_cs: 'azure_cs', - ms365: 'ms365', +export const EmailProviderUpdateCredentialsAnyOf4RegionEnum = { + eu: 'eu', + null: 'null', } as const; -export type EmailProviderUpdateNameEnum = - (typeof EmailProviderUpdateNameEnum)[keyof typeof EmailProviderUpdateNameEnum]; +export type EmailProviderUpdateCredentialsAnyOf4RegionEnum = + (typeof EmailProviderUpdateCredentialsAnyOf4RegionEnum)[keyof typeof EmailProviderUpdateCredentialsAnyOf4RegionEnum]; /** - * Credentials required to use the provider. + * + */ +export interface EmailProviderUpdateCredentialsAnyOf5 { + /** + * Azure Communication Services Connection String. + * + */ + connectionString?: string; +} +/** + * */ -export type EmailProviderUpdateCredentials = any; +export interface EmailProviderUpdateCredentialsAnyOf6 { + /** + * Microsoft 365 Tenant ID. + * + */ + tenantId?: string; + /** + * Microsoft 365 Client ID. + * + */ + clientId?: string; + /** + * Microsoft 365 Client Secret. + * + */ + clientSecret?: string; +} /** * */ export interface EmailTemplateUpdate { /** - * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). + * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). * */ template: EmailTemplateUpdateTemplateEnum; @@ -3979,6 +4540,7 @@ export const EmailTemplateUpdateTemplateEnum = { verify_email: 'verify_email', verify_email_by_code: 'verify_email_by_code', reset_email: 'reset_email', + reset_email_by_code: 'reset_email_by_code', welcome_email: 'welcome_email', blocked_account: 'blocked_account', stolen_credentials: 'stolen_credentials', @@ -4021,11 +4583,15 @@ export interface Enrollment { */ phone_number?: string; /** + * Enrollment date and time. + * */ - enrolled_at?: EnrollmentEnrolledAt; + enrolled_at?: string; /** + * Last authentication date and time. + * */ - last_auth?: EnrollmentLastAuth; + last_auth?: string; } export const EnrollmentStatusEnum = { @@ -4053,15 +4619,12 @@ export interface EnrollmentCreate { * */ send_mail?: boolean; + /** + * Optional. Specify the locale of the enrollment email. Used with send_email. + * + */ + email_locale?: string; } -/** - * - */ -export type EnrollmentEnrolledAt = string; -/** - * - */ -export type EnrollmentLastAuth = string; /** * */ @@ -4110,7 +4673,7 @@ export interface GetActionVersions200Response { */ page: number; /** - * Number of results per page. Paging is disabled if parameter not sent. + * Number of results per page. * */ per_page: number; @@ -4173,10 +4736,8 @@ export interface GetActionVersions200ResponseVersionsInner { */ errors: Array; /** - * The action to which this verison belongs. - * */ - action: any | null; + action: GetActionVersions200ResponseVersionsInnerAction; /** * The time when this version was built successfully. * @@ -4188,7 +4749,7 @@ export interface GetActionVersions200ResponseVersionsInner { */ created_at: string; /** - * The time when a version was updated. Versions are never updated externally. Only Auth0 will update an action version as it is beiing built. + * The time when a version was updated. Versions are never updated externally. Only Auth0 will update an action version as it is being built. * */ updated_at: string; @@ -4210,6 +4771,41 @@ export const GetActionVersions200ResponseVersionsInnerStatusEnum = { export type GetActionVersions200ResponseVersionsInnerStatusEnum = (typeof GetActionVersions200ResponseVersionsInnerStatusEnum)[keyof typeof GetActionVersions200ResponseVersionsInnerStatusEnum]; +/** + * The action to which this version belongs. + */ +export interface GetActionVersions200ResponseVersionsInnerAction { + /** + * The unique ID of the action. + * + */ + id: string; + /** + * The name of an action. + * + */ + name: string; + /** + * The list of triggers that this action supports. At this time, an action can only target a single trigger at a time. + * + */ + supported_triggers: Array; + /** + * True if all of an Action's contents have been deployed. + * + */ + all_changes_deployed: boolean; + /** + * The time when this action was created. + * + */ + created_at: string; + /** + * The time when this action was updated. + * + */ + updated_at: string; +} /** * Error is a generic error with a human readable id which should be easily referenced in support tickets. */ @@ -4268,6 +4864,21 @@ export interface GetActions200ResponseActionsInner { * */ supported_triggers: Array; + /** + * True if all of an Action's contents have been deployed. + * + */ + all_changes_deployed: boolean; + /** + * The time when this action was created. + * + */ + created_at: string; + /** + * The time when this action was updated. + * + */ + updated_at: string; /** * The source code of the action. * @@ -4306,26 +4917,11 @@ export interface GetActions200ResponseActionsInner { * */ status: GetActions200ResponseActionsInnerStatusEnum; - /** - * True if all of an Action's contents have been deployed. - * - */ - all_changes_deployed: boolean; /** * The time when this action was built successfully. * */ built_at: string; - /** - * The time when this action was created. - * - */ - created_at: string; - /** - * The time when this action was updated. - * - */ - updated_at: string; } export const GetActions200ResponseActionsInnerStatusEnum = { @@ -4586,8 +5182,10 @@ export interface GetActions200ResponseActionsInnerSecretsInner { */ export interface GetActions200ResponseActionsInnerSupportedTriggersInner { /** + * An actions extensibility point. + * */ - id: GetActions200ResponseActionsInnerSupportedTriggersInnerId; + id: GetActions200ResponseActionsInnerSupportedTriggersInnerIdEnum; /** * The version of a trigger. v1, v2, etc. * @@ -4613,45 +5211,69 @@ export interface GetActions200ResponseActionsInnerSupportedTriggersInner { * */ compatible_triggers?: Array; -} -/** - * - */ -export interface GetActions200ResponseActionsInnerSupportedTriggersInnerCompatibleTriggersInner { - [key: string]: any | any; - /** - */ - id: GetActions200ResponseActionsInnerSupportedTriggersInnerId; /** - * The version of a trigger. v1, v2, etc. + * In order to execute an Action, it must be bound to a trigger using a binding. `trigger-bound` means that bindings are managed by the tenant. `entity-bound` means that the bindings are automatically managed by Auth0 and other internal resouces will control those bindings. Tenants cannot manage `entity-bound` bindings. * */ - version: string; + binding_policy?: GetActions200ResponseActionsInnerSupportedTriggersInnerBindingPolicyEnum; } -/** - * An actions extensibility point. Acceptable values: post-login, credentials-exchange, pre-user-registration, post-user-registration, post-change-password, send-phone-message, password-reset-post-challenge - */ -export type GetActions200ResponseActionsInnerSupportedTriggersInnerId = - GetActions200ResponseActionsInnerSupportedTriggersInnerIdAnyOf; -/** - * - */ -export const GetActions200ResponseActionsInnerSupportedTriggersInnerIdAnyOf = { +export const GetActions200ResponseActionsInnerSupportedTriggersInnerIdEnum = { post_login: 'post-login', credentials_exchange: 'credentials-exchange', pre_user_registration: 'pre-user-registration', post_user_registration: 'post-user-registration', post_change_password: 'post-change-password', send_phone_message: 'send-phone-message', - iga_approval: 'iga-approval', - iga_certification: 'iga-certification', - iga_fulfillment_assignment: 'iga-fulfillment-assignment', - iga_fulfillment_execution: 'iga-fulfillment-execution', + custom_phone_provider: 'custom-phone-provider', + custom_email_provider: 'custom-email-provider', password_reset_post_challenge: 'password-reset-post-challenge', + custom_token_exchange_beta: 'custom-token-exchange-beta', + custom_token_exchange: 'custom-token-exchange', } as const; -export type GetActions200ResponseActionsInnerSupportedTriggersInnerIdAnyOf = - (typeof GetActions200ResponseActionsInnerSupportedTriggersInnerIdAnyOf)[keyof typeof GetActions200ResponseActionsInnerSupportedTriggersInnerIdAnyOf]; +export type GetActions200ResponseActionsInnerSupportedTriggersInnerIdEnum = + (typeof GetActions200ResponseActionsInnerSupportedTriggersInnerIdEnum)[keyof typeof GetActions200ResponseActionsInnerSupportedTriggersInnerIdEnum]; + +export const GetActions200ResponseActionsInnerSupportedTriggersInnerBindingPolicyEnum = { + trigger_bound: 'trigger-bound', + entity_bound: 'entity-bound', +} as const; +export type GetActions200ResponseActionsInnerSupportedTriggersInnerBindingPolicyEnum = + (typeof GetActions200ResponseActionsInnerSupportedTriggersInnerBindingPolicyEnum)[keyof typeof GetActions200ResponseActionsInnerSupportedTriggersInnerBindingPolicyEnum]; + +/** + * + */ +export interface GetActions200ResponseActionsInnerSupportedTriggersInnerCompatibleTriggersInner { + [key: string]: any | any; + /** + * An actions extensibility point. + * + */ + id: GetActions200ResponseActionsInnerSupportedTriggersInnerCompatibleTriggersInnerIdEnum; + /** + * The version of a trigger. v1, v2, etc. + * + */ + version: string; +} + +export const GetActions200ResponseActionsInnerSupportedTriggersInnerCompatibleTriggersInnerIdEnum = + { + post_login: 'post-login', + credentials_exchange: 'credentials-exchange', + pre_user_registration: 'pre-user-registration', + post_user_registration: 'post-user-registration', + post_change_password: 'post-change-password', + send_phone_message: 'send-phone-message', + custom_phone_provider: 'custom-phone-provider', + custom_email_provider: 'custom-email-provider', + password_reset_post_challenge: 'password-reset-post-challenge', + custom_token_exchange_beta: 'custom-token-exchange-beta', + custom_token_exchange: 'custom-token-exchange', + } as const; +export type GetActions200ResponseActionsInnerSupportedTriggersInnerCompatibleTriggersInnerIdEnum = + (typeof GetActions200ResponseActionsInnerSupportedTriggersInnerCompatibleTriggersInnerIdEnum)[keyof typeof GetActions200ResponseActionsInnerSupportedTriggersInnerCompatibleTriggersInnerIdEnum]; /** * @@ -4724,7 +5346,7 @@ export interface GetAuthenticationMethods200ResponseOneOfInner { */ authentication_methods?: Array; /** - * The authentication method preferred for phone authenticators. + * Applies to phone authentication methods only. The preferred communication method. * */ preferred_authentication_method?: GetAuthenticationMethods200ResponseOneOfInnerPreferredAuthenticationMethodEnum; @@ -4869,8 +5491,10 @@ export interface GetBindings200ResponseBindingsInner { */ id: string; /** + * An actions extensibility point. + * */ - trigger_id: GetActions200ResponseActionsInnerSupportedTriggersInnerId; + trigger_id: GetBindings200ResponseBindingsInnerTriggerIdEnum; /** * The name of the binding. * @@ -4890,6 +5514,23 @@ export interface GetBindings200ResponseBindingsInner { */ updated_at: string; } + +export const GetBindings200ResponseBindingsInnerTriggerIdEnum = { + post_login: 'post-login', + credentials_exchange: 'credentials-exchange', + pre_user_registration: 'pre-user-registration', + post_user_registration: 'post-user-registration', + post_change_password: 'post-change-password', + send_phone_message: 'send-phone-message', + custom_phone_provider: 'custom-phone-provider', + custom_email_provider: 'custom-email-provider', + password_reset_post_challenge: 'password-reset-post-challenge', + custom_token_exchange_beta: 'custom-token-exchange-beta', + custom_token_exchange: 'custom-token-exchange', +} as const; +export type GetBindings200ResponseBindingsInnerTriggerIdEnum = + (typeof GetBindings200ResponseBindingsInnerTriggerIdEnum)[keyof typeof GetBindings200ResponseBindingsInnerTriggerIdEnum]; + /** * */ @@ -4949,6 +5590,93 @@ export interface GetBranding200ResponseFont { */ url: string; } +/** + * + */ +export interface GetBrandingPhoneProviders200Response { + [key: string]: any | any; + /** + */ + providers: Array; +} +/** + * Phone provider configuration schema + */ +export interface GetBrandingPhoneProviders200ResponseProvidersInner { + /** + */ + id?: string; + /** + * Name of the phone notification provider + * + */ + name: GetBrandingPhoneProviders200ResponseProvidersInnerNameEnum; + /** + * Whether the provider is enabled (false) or disabled (true). + * + */ + disabled?: boolean; + /** + */ + configuration?: GetBrandingPhoneProviders200ResponseProvidersInnerConfiguration; +} + +export const GetBrandingPhoneProviders200ResponseProvidersInnerNameEnum = { + twilio: 'twilio', + custom: 'custom', +} as const; +export type GetBrandingPhoneProviders200ResponseProvidersInnerNameEnum = + (typeof GetBrandingPhoneProviders200ResponseProvidersInnerNameEnum)[keyof typeof GetBrandingPhoneProviders200ResponseProvidersInnerNameEnum]; + +/** + * + */ +export type GetBrandingPhoneProviders200ResponseProvidersInnerConfiguration = + | GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOf + | GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOf1; +/** + * + */ +export interface GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOf { + /** + */ + default_from?: string; + /** + */ + mssid?: string; + /** + */ + sid: string; + /** + */ + delivery_methods: Array; +} + +export const GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOfDeliveryMethodsEnum = + { + text: 'text', + voice: 'voice', + } as const; +export type GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOfDeliveryMethodsEnum = + (typeof GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOfDeliveryMethodsEnum)[keyof typeof GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOfDeliveryMethodsEnum]; + +/** + * + */ +export interface GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOf1 { + /** + */ + delivery_methods: Array; +} + +export const GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOf1DeliveryMethodsEnum = + { + text: 'text', + voice: 'voice', + } as const; +export type GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOf1DeliveryMethodsEnum = + (typeof GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOf1DeliveryMethodsEnum)[keyof typeof GetBrandingPhoneProviders200ResponseProvidersInnerConfigurationAnyOf1DeliveryMethodsEnum]; + /** * */ @@ -5084,11 +5812,108 @@ export type GetBruteForceProtection200ResponseModeEnum = /** * */ -export type GetBruteForceProtection200ResponseAllowlistInner = any; +export type GetBruteForceProtection200ResponseAllowlistInner = string; +/** + * + */ +export type GetClientGrantOrganizations200Response = + | Array + | GetClientGrantOrganizations200ResponseOneOf + | GetClientGrantOrganizations200ResponseOneOf1; +/** + * + */ +export interface GetClientGrantOrganizations200ResponseOneOf { + /** + */ + start: number; + /** + */ + limit: number; + /** + */ + total: number; + /** + */ + organizations: Array; +} +/** + * + */ +export interface GetClientGrantOrganizations200ResponseOneOf1 { + /** + * Opaque identifier for use with the from query parameter for the next page of results.
    This identifier is valid for 24 hours. + * + */ + next: string; + /** + */ + organizations: Array; +} +/** + * + */ +export interface GetClientGrantOrganizations200ResponseOneOfInner { + [key: string]: any | any; + /** + * Organization identifier. + * + */ + id: string; + /** + * The name of this organization. + * + */ + name: string; + /** + * Friendly name of this organization. + * + */ + display_name: string; + /** + */ + branding: GetClientGrantOrganizations200ResponseOneOfInnerBranding; + /** + * Metadata associated with the organization, in the form of an object with string values (max 255 chars). Maximum of 25 metadata properties allowed. + * + */ + metadata: { [key: string]: any }; +} +/** + * Theme defines how to style the login pages. + */ +export interface GetClientGrantOrganizations200ResponseOneOfInnerBranding { + /** + * URL of logo to display on login page. + * + */ + logo_url: string; + /** + */ + colors: GetClientGrantOrganizations200ResponseOneOfInnerBrandingColors; +} +/** + * Color scheme used to customize the login pages. + */ +export interface GetClientGrantOrganizations200ResponseOneOfInnerBrandingColors { + /** + * HEX Color for primary elements. + * + */ + primary: string; + /** + * HEX Color for background. + * + */ + page_background: string; +} /** * */ -export type GetClientGrants200Response = Array | GetClientGrants200ResponseOneOf; +export type GetClientGrants200Response = + | Array + | GetClientGrants200ResponseOneOf + | GetClientGrants200ResponseOneOf1; /** * */ @@ -5106,6 +5931,19 @@ export interface GetClientGrants200ResponseOneOf { */ client_grants: Array; } +/** + * + */ +export interface GetClientGrants200ResponseOneOf1 { + /** + * Opaque identifier for use with the from query parameter for the next page of results.
    This identifier is valid for 24 hours. + * + */ + next: string; + /** + */ + client_grants: Array; +} /** * */ @@ -5135,6 +5973,8 @@ export interface GetClients200ResponseOneOf { */ export interface GetClients200ResponseOneOf1 { /** + * Opaque identifier for use with the from query parameter for the next page of results.
    This identifier is valid for 24 hours. + * */ next: string; /** @@ -5144,7 +5984,7 @@ export interface GetClients200ResponseOneOf1 { /** * */ -export type GetConnections200Response = Array | GetConnections200ResponseOneOf; +export type GetConnections200Response = Array | GetConnections200ResponseOneOf; /** * */ @@ -5160,7 +6000,7 @@ export interface GetConnections200ResponseOneOf { total: number; /** */ - connections: Array; + connections: Array; } /** * @@ -5265,7 +6105,7 @@ export interface GetDeviceCredentials200ResponseOneOf { */ export interface GetEmailTemplatesByTemplateName200Response { /** - * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). + * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). * */ template: GetEmailTemplatesByTemplateName200ResponseTemplateEnum; @@ -5315,6 +6155,7 @@ export const GetEmailTemplatesByTemplateName200ResponseTemplateEnum = { verify_email: 'verify_email', verify_email_by_code: 'verify_email_by_code', reset_email: 'reset_email', + reset_email_by_code: 'reset_email_by_code', welcome_email: 'welcome_email', blocked_account: 'blocked_account', stolen_credentials: 'stolen_credentials', @@ -5378,6 +6219,96 @@ export interface GetEnabledConnections200ResponseOneOfInner { */ connection: PostOrganizations201ResponseEnabledConnectionsInnerConnection; } +/** + * + */ +export type GetEncryptionKeys200Response = + | Array + | GetEncryptionKeys200ResponseOneOf; +/** + * + */ +export interface GetEncryptionKeys200ResponseOneOf { + /** + * Page index of the results to return. First page is 0. + * + */ + start: number; + /** + * Number of results per page. + * + */ + limit: number; + /** + * Total amount of encryption keys. + * + */ + total: number; + /** + * Encryption keys. + * + */ + keys: Array; +} +/** + * Encryption key + */ +export interface GetEncryptionKeys200ResponseOneOfInner { + /** + * Key ID + * + */ + kid: string; + /** + * Key type + * + */ + type: GetEncryptionKeys200ResponseOneOfInnerTypeEnum; + /** + * Key state + * + */ + state: GetEncryptionKeys200ResponseOneOfInnerStateEnum; + /** + * Key creation timestamp + * + */ + created_at: string; + /** + * Key update timestamp + * + */ + updated_at: string; + /** + * ID of parent wrapping key + * + */ + parent_kid: string; + /** + * Public key in PEM format + * + */ + public_key?: string; +} + +export const GetEncryptionKeys200ResponseOneOfInnerTypeEnum = { + customer_provided_root_key: 'customer-provided-root-key', + environment_root_key: 'environment-root-key', + tenant_master_key: 'tenant-master-key', + tenant_encryption_key: 'tenant-encryption-key', +} as const; +export type GetEncryptionKeys200ResponseOneOfInnerTypeEnum = + (typeof GetEncryptionKeys200ResponseOneOfInnerTypeEnum)[keyof typeof GetEncryptionKeys200ResponseOneOfInnerTypeEnum]; + +export const GetEncryptionKeys200ResponseOneOfInnerStateEnum = { + pre_activation: 'pre-activation', + active: 'active', + deactivated: 'deactivated', + destroyed: 'destroyed', +} as const; +export type GetEncryptionKeys200ResponseOneOfInnerStateEnum = + (typeof GetEncryptionKeys200ResponseOneOfInnerStateEnum)[keyof typeof GetEncryptionKeys200ResponseOneOfInnerStateEnum]; + /** * */ @@ -5428,8 +6359,10 @@ export interface GetExecution200Response { */ id: string; /** + * An actions extensibility point. + * */ - trigger_id: GetActions200ResponseActionsInnerSupportedTriggersInnerId; + trigger_id: GetExecution200ResponseTriggerIdEnum; /** * The overall status of an execution. * @@ -5450,6 +6383,22 @@ export interface GetExecution200Response { updated_at: string; } +export const GetExecution200ResponseTriggerIdEnum = { + post_login: 'post-login', + credentials_exchange: 'credentials-exchange', + pre_user_registration: 'pre-user-registration', + post_user_registration: 'post-user-registration', + post_change_password: 'post-change-password', + send_phone_message: 'send-phone-message', + custom_phone_provider: 'custom-phone-provider', + custom_email_provider: 'custom-email-provider', + password_reset_post_challenge: 'password-reset-post-challenge', + custom_token_exchange_beta: 'custom-token-exchange-beta', + custom_token_exchange: 'custom-token-exchange', +} as const; +export type GetExecution200ResponseTriggerIdEnum = + (typeof GetExecution200ResponseTriggerIdEnum)[keyof typeof GetExecution200ResponseTriggerIdEnum]; + export const GetExecution200ResponseStatusEnum = { unspecified: 'unspecified', pending: 'pending', @@ -5484,6 +6433,20 @@ export interface GetExecution200ResponseResultsInner { */ ended_at: string; } +/** + * + */ +export interface GetFactorDuoSettings200Response { + /** + */ + ikey: string; + /** + */ + skey: string; + /** + */ + host: string; +} /** * */ @@ -5779,6 +6742,23 @@ export interface GetGrants200ResponseOneOf { */ grants: Array; } +/** + * + */ +export interface GetGuardianPhoneProviders200Response { + /** + */ + provider: GetGuardianPhoneProviders200ResponseProviderEnum; +} + +export const GetGuardianPhoneProviders200ResponseProviderEnum = { + auth0: 'auth0', + twilio: 'twilio', + phone_message_hook: 'phone-message-hook', +} as const; +export type GetGuardianPhoneProviders200ResponseProviderEnum = + (typeof GetGuardianPhoneProviders200ResponseProviderEnum)[keyof typeof GetGuardianPhoneProviders200ResponseProviderEnum]; + /** * */ @@ -5830,7 +6810,7 @@ export interface GetInvitations200ResponseOneOfInner { */ id: string; /** - * Organization identifier + * Organization identifier. * */ organization_id: string; @@ -5891,52 +6871,58 @@ export interface GetInvitations200ResponseOneOfInnerAppMetadata { [key: string]: any | any; /** */ - clientID: any | null; + __tenant: any | null; + /** + */ + _id: any | null; + /** + */ + blocked: any | null; /** */ - globalClientID: any | null; + clientID: any | null; /** */ - global_client_id: any | null; + created_at: any | null; /** */ email_verified: any | null; /** */ - user_id: any | null; + email: any | null; /** */ - identities: any | null; + globalClientID: any | null; /** */ - lastIP: any | null; + global_client_id: any | null; /** */ - lastLogin: any | null; + identities: any | null; /** */ - metadata: any | null; + lastIP: any | null; /** */ - created_at: any | null; + lastLogin: any | null; /** */ loginsCount: any | null; /** */ - _id: any | null; + metadata: any | null; /** */ - email: any | null; + multifactor_last_modified: any | null; /** */ - blocked: any | null; + multifactor: any | null; /** */ - __tenant: any | null; + updated_at: any | null; /** */ - updated_at: any | null; + user_id: any | null; } /** * @@ -5993,6 +6979,11 @@ export interface GetLogStreams200ResponseInnerOneOf { /** */ type: GetLogStreams200ResponseInnerOneOfTypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -6040,6 +7031,11 @@ export interface GetLogStreams200ResponseInnerOneOf1 { /** */ type: GetLogStreams200ResponseInnerOneOf1TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -6136,6 +7132,11 @@ export interface GetLogStreams200ResponseInnerOneOf2 { /** */ type: GetLogStreams200ResponseInnerOneOf2TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -6211,6 +7212,7 @@ export const GetLogStreams200ResponseInnerOneOf2SinkAzureRegionEnum = { southcentralus: 'southcentralus', southeastasia: 'southeastasia', southindia: 'southindia', + swedencentral: 'swedencentral', switzerlandnorth: 'switzerlandnorth', uaenorth: 'uaenorth', uksouth: 'uksouth', @@ -6247,6 +7249,11 @@ export interface GetLogStreams200ResponseInnerOneOf3 { /** */ type: GetLogStreams200ResponseInnerOneOf3TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -6319,6 +7326,11 @@ export interface GetLogStreams200ResponseInnerOneOf4 { /** */ type: GetLogStreams200ResponseInnerOneOf4TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -6391,6 +7403,11 @@ export interface GetLogStreams200ResponseInnerOneOf5 { /** */ type: GetLogStreams200ResponseInnerOneOf5TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -6448,6 +7465,11 @@ export interface GetLogStreams200ResponseInnerOneOf6 { /** */ type: GetLogStreams200ResponseInnerOneOf6TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -6505,6 +7527,11 @@ export interface GetLogStreams200ResponseInnerOneOf7 { /** */ type: GetLogStreams200ResponseInnerOneOf7TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -6601,6 +7628,7 @@ export const GetLogStreams200ResponseInnerOneOfFiltersInnerNameEnum = { auth_token_exchange_success: 'auth.token_exchange.success', management_fail: 'management.fail', management_success: 'management.success', + scim_event: 'scim.event', system_notification: 'system.notification', user_fail: 'user.fail', user_notification: 'user.notification', @@ -6833,7 +7861,26 @@ export interface GetOrganizationClientGrants200ResponseOneOfInner { * */ scope: Array; + /** + * Defines whether organizations can be used with client credentials exchanges for this grant. + * + */ + organization_usage: GetOrganizationClientGrants200ResponseOneOfInnerOrganizationUsageEnum; + /** + * If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations. + * + */ + allow_any_organization: boolean; } + +export const GetOrganizationClientGrants200ResponseOneOfInnerOrganizationUsageEnum = { + deny: 'deny', + allow: 'allow', + require: 'require', +} as const; +export type GetOrganizationClientGrants200ResponseOneOfInnerOrganizationUsageEnum = + (typeof GetOrganizationClientGrants200ResponseOneOfInnerOrganizationUsageEnum)[keyof typeof GetOrganizationClientGrants200ResponseOneOfInnerOrganizationUsageEnum]; + /** * */ @@ -6881,162 +7928,149 @@ export interface GetOrganizationMemberRoles200ResponseOneOfInner { * */ export type GetOrganizations200Response = - | Array - | GetOrganizations200ResponseOneOf - | GetOrganizations200ResponseOneOf1; + | Array + | GetClientGrantOrganizations200ResponseOneOf + | GetOrganizations200ResponseOneOf; /** * */ export interface GetOrganizations200ResponseOneOf { /** */ - start: number; - /** - */ - limit: number; - /** - */ - total: number; + next: string; /** */ - organizations: Array; + organizations: Array; } /** * */ -export interface GetOrganizations200ResponseOneOf1 { - /** - */ - next: string; - /** - */ - organizations: Array; -} +export type GetPermissions200Response = + | Array + | GetPermissions200ResponseOneOf; /** * */ -export interface GetOrganizations200ResponseOneOfInner { - [key: string]: any | any; - /** - * Organization identifier - * - */ - id: string; +export interface GetPermissions200ResponseOneOf { /** - * The name of this organization. - * */ - name: string; + start: number; /** - * Friendly name of this organization. - * */ - display_name: string; + limit: number; /** */ - branding: GetOrganizations200ResponseOneOfInnerBranding; + total: number; /** - * Metadata associated with the organization, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. - * */ - metadata: { [key: string]: any }; + permissions: Array; } /** - * Theme defines how to style the login pages + * */ -export interface GetOrganizations200ResponseOneOfInnerBranding { +export interface GetPermissions200ResponseOneOfInner { /** - * URL of logo to display on login page + */ + sources: any | null; + /** + * Resource server (API) identifier that this permission is for. * */ - logo_url: string; + resource_server_identifier: string; /** + * Name of this permission. + * */ - colors: GetOrganizations200ResponseOneOfInnerBrandingColors; -} -/** - * Color scheme used to customize the login pages - */ -export interface GetOrganizations200ResponseOneOfInnerBrandingColors { + permission_name: string; /** - * HEX Color for primary elements + * Resource server (API) name this permission is for. * */ - primary: string; + resource_server_name: string; /** - * HEX Color for background + * Description of this permission. * */ - page_background: string; + description: string; } /** * */ -export type GetPermissions200Response = - | Array - | GetPermissions200ResponseOneOf; +export interface GetPhoneTemplates200Response { + /** + */ + templates: Array; +} /** * */ -export interface GetPermissions200ResponseOneOf { +export interface GetPhoneTemplates200ResponseTemplatesInner { /** */ - start: number; + id: string; /** */ - limit: number; + channel?: string; /** */ - total: number; + customizable?: boolean; /** */ - permissions: Array; -} -/** - * - */ -export interface GetPermissions200ResponseOneOfInner { + tenant?: string; /** */ - sources: any | null; + content: GetPhoneTemplates200ResponseTemplatesInnerContent; /** - * Resource server (API) identifier that this permission is for. - * */ - resource_server_identifier: string; + type: GetPhoneTemplates200ResponseTemplatesInnerTypeEnum; /** - * Name of this permission. + * Whether the template is enabled (false) or disabled (true). * */ - permission_name: string; + disabled: boolean; +} + +export const GetPhoneTemplates200ResponseTemplatesInnerTypeEnum = { + otp_verify: 'otp_verify', + otp_enroll: 'otp_enroll', + change_password: 'change_password', + blocked_account: 'blocked_account', + password_breach: 'password_breach', +} as const; +export type GetPhoneTemplates200ResponseTemplatesInnerTypeEnum = + (typeof GetPhoneTemplates200ResponseTemplatesInnerTypeEnum)[keyof typeof GetPhoneTemplates200ResponseTemplatesInnerTypeEnum]; + +/** + * + */ +export interface GetPhoneTemplates200ResponseTemplatesInnerContent { /** - * Resource server (API) name this permission is for. - * */ - resource_server_name: string; + syntax?: string; /** - * Description of this permission. + * Default phone number to be used as 'from' when sending a phone notification * */ - description: string; + from?: string; + /** + */ + body?: GetPhoneTemplates200ResponseTemplatesInnerContentBody; } /** * */ -export interface GetPhoneProviders200Response { +export interface GetPhoneTemplates200ResponseTemplatesInnerContentBody { + /** + * Content of the phone template for text notifications + * + */ + text?: string; /** + * Content of the phone template for voice notifications + * */ - provider: GetPhoneProviders200ResponseProviderEnum; + voice?: string; } - -export const GetPhoneProviders200ResponseProviderEnum = { - auth0: 'auth0', - twilio: 'twilio', - phone_message_hook: 'phone-message-hook', -} as const; -export type GetPhoneProviders200ResponseProviderEnum = - (typeof GetPhoneProviders200ResponseProviderEnum)[keyof typeof GetPhoneProviders200ResponseProviderEnum]; - /** * */ @@ -7078,6 +8112,9 @@ export interface GetRefreshToken200Response { /** */ expires_at: GetRefreshToken200ResponseExpiresAt | null; + /** + */ + device: GetRefreshToken200ResponseDevice; /** * ID of the client application granted with this refresh token * @@ -7098,11 +8135,50 @@ export interface GetRefreshToken200Response { * */ resource_servers: Array; + /** + */ + last_exchanged_at: GetRefreshToken200ResponseLastExchangedAt | null; } /** * */ export type GetRefreshToken200ResponseCreatedAt = string | { [key: string]: any }; +/** + * Device used while issuing/exchanging the refresh token + */ +export interface GetRefreshToken200ResponseDevice { + [key: string]: any | any; + /** + * First IP address associated with the refresh token + * + */ + initial_ip: string; + /** + * First autonomous system number associated with the refresh token + * + */ + initial_asn: string; + /** + * First user agent associated with the refresh token + * + */ + initial_user_agent: string; + /** + * Last IP address associated with the refresh token + * + */ + last_ip: string; + /** + * Last autonomous system number associated with the refresh token + * + */ + last_asn: string; + /** + * Last user agent associated with the refresh token + * + */ + last_user_agent: string; +} /** * */ @@ -7111,6 +8187,10 @@ export type GetRefreshToken200ResponseExpiresAt = string | { [key: string]: any * */ export type GetRefreshToken200ResponseIdleExpiresAt = string | { [key: string]: any }; +/** + * + */ +export type GetRefreshToken200ResponseLastExchangedAt = string | { [key: string]: any }; /** * */ @@ -7134,12 +8214,17 @@ export interface GetRefreshTokensForUser200Response { [key: string]: any | any; /** */ - sessions: Array; + tokens: Array; + /** + * A cursor to be used as the "from" query parameter for the next page of results. + * + */ + next: string; } /** * */ -export interface GetRefreshTokensForUser200ResponseSessionsInner { +export interface GetRefreshTokensForUser200ResponseTokensInner { [key: string]: any | any; /** * The ID of the refresh token @@ -7153,13 +8238,16 @@ export interface GetRefreshTokensForUser200ResponseSessionsInner { user_id: string; /** */ - created_at: GetRefreshTokensForUser200ResponseSessionsInnerCreatedAt; + created_at: GetRefreshTokensForUser200ResponseTokensInnerCreatedAt; + /** + */ + idle_expires_at: GetRefreshTokensForUser200ResponseTokensInnerIdleExpiresAt; /** */ - idle_expires_at: GetRefreshTokensForUser200ResponseSessionsInnerIdleExpiresAt; + expires_at: GetRefreshTokensForUser200ResponseTokensInnerExpiresAt; /** */ - expires_at: GetRefreshTokensForUser200ResponseSessionsInnerExpiresAt; + device: GetRefreshToken200ResponseDevice; /** * ID of the client application granted with this refresh token * @@ -7180,23 +8268,32 @@ export interface GetRefreshTokensForUser200ResponseSessionsInner { * */ resource_servers: Array; + /** + */ + last_exchanged_at: GetRefreshTokensForUser200ResponseTokensInnerLastExchangedAt; } /** * */ -export type GetRefreshTokensForUser200ResponseSessionsInnerCreatedAt = +export type GetRefreshTokensForUser200ResponseTokensInnerCreatedAt = + | string + | { [key: string]: any }; +/** + * + */ +export type GetRefreshTokensForUser200ResponseTokensInnerExpiresAt = | string | { [key: string]: any }; /** * */ -export type GetRefreshTokensForUser200ResponseSessionsInnerExpiresAt = +export type GetRefreshTokensForUser200ResponseTokensInnerIdleExpiresAt = | string | { [key: string]: any }; /** * */ -export type GetRefreshTokensForUser200ResponseSessionsInnerIdleExpiresAt = +export type GetRefreshTokensForUser200ResponseTokensInnerLastExchangedAt = | string | { [key: string]: any }; /** @@ -7238,7 +8335,7 @@ export interface GetRendering200Response { * An array of head tags * */ - head_tags: Array<{ [key: string]: any }>; + head_tags: Array; } export const GetRendering200ResponseRenderingModeEnum = { @@ -7248,6 +8345,34 @@ export const GetRendering200ResponseRenderingModeEnum = { export type GetRendering200ResponseRenderingModeEnum = (typeof GetRendering200ResponseRenderingModeEnum)[keyof typeof GetRendering200ResponseRenderingModeEnum]; +/** + * + */ +export interface GetRendering200ResponseHeadTagsInner { + [key: string]: any | any; + /** + * Any HTML element valid for use in the head tag + * + */ + tag: string; + /** + */ + attributes: GetRendering200ResponseHeadTagsInnerAttributes; + /** + * Text/content within the opening and closing tags of the element. See documentation on using context variables + * + */ + content: string; +} +/** + * Attributes of the HTML tag + */ +export interface GetRendering200ResponseHeadTagsInnerAttributes { + [key: string]: any | any; + /** + */ + integrity: Array; +} /** * */ @@ -7529,6 +8654,9 @@ export interface GetSession200Response { /** */ expires_at: GetSession200ResponseExpiresAt | null; + /** + */ + last_interacted_at: GetSession200ResponseLastInteractedAt | null; /** */ device: GetSession200ResponseDevice; @@ -7601,6 +8729,11 @@ export type GetSession200ResponseCreatedAt = string | { [key: string]: any }; */ export interface GetSession200ResponseDevice { [key: string]: any | any; + /** + * First user agent of the device from which this user logged in + * + */ + initial_user_agent: string; /** * First IP address associated with this session * @@ -7635,6 +8768,10 @@ export type GetSession200ResponseExpiresAt = string | { [key: string]: any }; * */ export type GetSession200ResponseIdleExpiresAt = string | { [key: string]: any }; +/** + * + */ +export type GetSession200ResponseLastInteractedAt = string | { [key: string]: any }; /** * */ @@ -7647,6 +8784,11 @@ export interface GetSessionsForUser200Response { /** */ sessions: Array; + /** + * A cursor to be used as the "from" query parameter for the next page of results. + * + */ + next: string; } /** * @@ -7678,6 +8820,9 @@ export interface GetSessionsForUser200ResponseSessionsInner { /** */ expires_at: GetSessionsForUser200ResponseSessionsInnerExpiresAt; + /** + */ + last_interacted_at: GetSessionsForUser200ResponseSessionsInnerLastInteractedAt; /** */ device: GetSessionsForUser200ResponseSessionsInnerDevice; @@ -7741,6 +8886,11 @@ export type GetSessionsForUser200ResponseSessionsInnerCreatedAt = string | { [ke */ export interface GetSessionsForUser200ResponseSessionsInnerDevice { [key: string]: any | any; + /** + * First user agent of the device from which this user logged in + * + */ + initial_user_agent: string; /** * First IP address associated with this session * @@ -7780,6 +8930,12 @@ export type GetSessionsForUser200ResponseSessionsInnerIdleExpiresAt = /** * */ +export type GetSessionsForUser200ResponseSessionsInnerLastInteractedAt = + | string + | { [key: string]: any }; +/** + * + */ export type GetSessionsForUser200ResponseSessionsInnerUpdatedAt = string | { [key: string]: any }; /** * @@ -7952,8 +9108,8 @@ export interface GetUniversalLogin200ResponseOneOf { * */ export type GetUserOrganizations200Response = - | Array - | GetOrganizations200ResponseOneOf; + | Array + | GetClientGrantOrganizations200ResponseOneOf; /** * */ @@ -8004,7 +9160,7 @@ export interface GetUsers200ResponseOneOfInner { */ username: string; /** - * Phone number for this user when using SMS connections. Follows the E.164 recommendation. + * Phone number for this user. Follows the E.164 recommendation. * */ phone_number: string; @@ -8088,52 +9244,58 @@ export interface GetUsers200ResponseOneOfInnerAppMetadata { [key: string]: any | any; /** */ - clientID: any | null; + __tenant: any | null; /** */ - globalClientID: any | null; + _id: any | null; /** */ - global_client_id: any | null; + blocked: any | null; + /** + */ + clientID: any | null; + /** + */ + created_at: any | null; /** */ email_verified: any | null; /** */ - user_id: any | null; + email: any | null; /** */ - identities: any | null; + globalClientID: any | null; /** */ - lastIP: any | null; + global_client_id: any | null; /** */ - lastLogin: any | null; + identities: any | null; /** */ - metadata: any | null; + lastIP: any | null; /** */ - created_at: any | null; + lastLogin: any | null; /** */ loginsCount: any | null; /** */ - _id: any | null; + metadata: any | null; /** */ - email: any | null; + multifactor_last_modified: any | null; /** */ - blocked: any | null; + multifactor: any | null; /** */ - __tenant: any | null; + updated_at: any | null; /** */ - updated_at: any | null; + user_id: any | null; } /** * @@ -8157,7 +9319,7 @@ export interface GetUsers200ResponseOneOfInnerIdentitiesInner { * The type of identity provider * */ - provider: string; + provider: GetUsers200ResponseOneOfInnerIdentitiesInnerProviderEnum; /** * Whether this identity is from a social provider (true) or not (false). * @@ -8182,6 +9344,73 @@ export interface GetUsers200ResponseOneOfInnerIdentitiesInner { */ profileData: UserProfile; } + +export const GetUsers200ResponseOneOfInnerIdentitiesInnerProviderEnum = { + ad: 'ad', + adfs: 'adfs', + amazon: 'amazon', + apple: 'apple', + dropbox: 'dropbox', + bitbucket: 'bitbucket', + aol: 'aol', + auth0_oidc: 'auth0-oidc', + auth0: 'auth0', + baidu: 'baidu', + bitly: 'bitly', + box: 'box', + custom: 'custom', + daccount: 'daccount', + dwolla: 'dwolla', + email: 'email', + evernote_sandbox: 'evernote-sandbox', + evernote: 'evernote', + exact: 'exact', + facebook: 'facebook', + fitbit: 'fitbit', + flickr: 'flickr', + github: 'github', + google_apps: 'google-apps', + google_oauth2: 'google-oauth2', + instagram: 'instagram', + ip: 'ip', + line: 'line', + linkedin: 'linkedin', + miicard: 'miicard', + oauth1: 'oauth1', + oauth2: 'oauth2', + office365: 'office365', + oidc: 'oidc', + okta: 'okta', + paypal: 'paypal', + paypal_sandbox: 'paypal-sandbox', + pingfederate: 'pingfederate', + planningcenter: 'planningcenter', + renren: 'renren', + salesforce_community: 'salesforce-community', + salesforce_sandbox: 'salesforce-sandbox', + salesforce: 'salesforce', + samlp: 'samlp', + sharepoint: 'sharepoint', + shopify: 'shopify', + sms: 'sms', + soundcloud: 'soundcloud', + thecity_sandbox: 'thecity-sandbox', + thecity: 'thecity', + thirtysevensignals: 'thirtysevensignals', + twitter: 'twitter', + untappd: 'untappd', + vkontakte: 'vkontakte', + waad: 'waad', + weibo: 'weibo', + windowslive: 'windowslive', + wordpress: 'wordpress', + yahoo: 'yahoo', + yammer: 'yammer', + yandex: 'yandex', +} as const; +export type GetUsers200ResponseOneOfInnerIdentitiesInnerProviderEnum = + (typeof GetUsers200ResponseOneOfInnerIdentitiesInnerProviderEnum)[keyof typeof GetUsers200ResponseOneOfInnerIdentitiesInnerProviderEnum]; + /** * */ @@ -8531,6 +9760,86 @@ export interface PatchActionRequest { */ secrets?: Array; } +/** + * The successfully created authentication method. + */ +export interface PatchAuthenticationMethodsByAuthenticationMethodId200Response { + [key: string]: any | any; + /** + * The ID of the newly created authentication method (automatically generated by the application) + * + */ + id?: string; + /** + */ + type: PatchAuthenticationMethodsByAuthenticationMethodId200ResponseTypeEnum; + /** + * A human-readable label to identify the authentication method. + * + */ + name?: string; + /** + * Base32 encoded secret for TOTP generation + * + */ + totp_secret?: string; + /** + * Applies to phone authentication methods only. The destination phone number used to send verification codes via text and voice. + * + */ + phone_number?: string; + /** + * Applies to email authentication methods only. The email address used to send verification messages. + * + */ + email?: string; + /** + */ + authentication_methods?: Array; + /** + * Applies to phone authentication methods only. The preferred communication method. + * + */ + preferred_authentication_method?: PatchAuthenticationMethodsByAuthenticationMethodId200ResponsePreferredAuthenticationMethodEnum; + /** + * Applies to webauthn authentication methods only. The id of the credential. + * + */ + key_id?: string; + /** + * Applies to webauthn authentication methods only. The public key. + * + */ + public_key?: string; + /** + * Applies to webauthn authentication methods only. The relying party identifier. + * + */ + relying_party_identifier?: string; + /** + * Authentication method creation date + * + */ + created_at?: string; +} + +export const PatchAuthenticationMethodsByAuthenticationMethodId200ResponseTypeEnum = { + phone: 'phone', + email: 'email', + totp: 'totp', + webauthn_roaming: 'webauthn-roaming', +} as const; +export type PatchAuthenticationMethodsByAuthenticationMethodId200ResponseTypeEnum = + (typeof PatchAuthenticationMethodsByAuthenticationMethodId200ResponseTypeEnum)[keyof typeof PatchAuthenticationMethodsByAuthenticationMethodId200ResponseTypeEnum]; + +export const PatchAuthenticationMethodsByAuthenticationMethodId200ResponsePreferredAuthenticationMethodEnum = + { + voice: 'voice', + sms: 'sms', + } as const; +export type PatchAuthenticationMethodsByAuthenticationMethodId200ResponsePreferredAuthenticationMethodEnum = + (typeof PatchAuthenticationMethodsByAuthenticationMethodId200ResponsePreferredAuthenticationMethodEnum)[keyof typeof PatchAuthenticationMethodsByAuthenticationMethodId200ResponsePreferredAuthenticationMethodEnum]; + /** * */ @@ -8576,14 +9885,10 @@ export interface PatchBindingsRequest { /** * */ -export type PatchBindingsRequestBindingsInner = PatchBindingsRequestBindingsInnerOneOf; -/** - * - */ -export interface PatchBindingsRequestBindingsInnerOneOf { +export interface PatchBindingsRequestBindingsInner { /** */ - ref: PatchBindingsRequestBindingsInnerOneOfRef; + ref: PatchBindingsRequestBindingsInnerRef; /** * The name of the binding. * @@ -8598,13 +9903,13 @@ export interface PatchBindingsRequestBindingsInnerOneOf { /** * A reference to an action. An action can be referred to by ID or by Name. */ -export interface PatchBindingsRequestBindingsInnerOneOfRef { +export interface PatchBindingsRequestBindingsInnerRef { [key: string]: any | any; /** * How the action is being referred to: `action_id` or `action_name`. * */ - type?: PatchBindingsRequestBindingsInnerOneOfRefTypeEnum; + type?: PatchBindingsRequestBindingsInnerRefTypeEnum; /** * The id or name of an action that is being bound to a trigger. * @@ -8612,13 +9917,13 @@ export interface PatchBindingsRequestBindingsInnerOneOfRef { value?: string; } -export const PatchBindingsRequestBindingsInnerOneOfRefTypeEnum = { +export const PatchBindingsRequestBindingsInnerRefTypeEnum = { binding_id: 'binding_id', action_id: 'action_id', action_name: 'action_name', } as const; -export type PatchBindingsRequestBindingsInnerOneOfRefTypeEnum = - (typeof PatchBindingsRequestBindingsInnerOneOfRefTypeEnum)[keyof typeof PatchBindingsRequestBindingsInnerOneOfRefTypeEnum]; +export type PatchBindingsRequestBindingsInnerRefTypeEnum = + (typeof PatchBindingsRequestBindingsInnerRefTypeEnum)[keyof typeof PatchBindingsRequestBindingsInnerRefTypeEnum]; /** * Branding settings @@ -8839,7 +10144,7 @@ export interface PatchCredentialsByCredentialIdRequest { */ export interface PatchCustomDomainsByIdRequest { /** - * compatible includes TLS 1.0, 1.1, 1.2, and recommended only includes TLS 1.2 + * recommended includes TLS 1.2 * */ tls_policy?: PatchCustomDomainsByIdRequestTlsPolicyEnum; @@ -8852,7 +10157,6 @@ export interface PatchCustomDomainsByIdRequest { export const PatchCustomDomainsByIdRequestTlsPolicyEnum = { recommended: 'recommended', - compatible: 'compatible', } as const; export type PatchCustomDomainsByIdRequestTlsPolicyEnum = (typeof PatchCustomDomainsByIdRequestTlsPolicyEnum)[keyof typeof PatchCustomDomainsByIdRequestTlsPolicyEnum]; @@ -8872,7 +10176,7 @@ export type PatchCustomDomainsByIdRequestCustomClientIpHeaderEnum = */ export interface PatchEmailTemplatesByTemplateNameRequest { /** - * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). + * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). * */ template?: PatchEmailTemplatesByTemplateNameRequestTemplateEnum; @@ -8922,6 +10226,7 @@ export const PatchEmailTemplatesByTemplateNameRequestTemplateEnum = { verify_email: 'verify_email', verify_email_by_code: 'verify_email_by_code', reset_email: 'reset_email', + reset_email_by_code: 'reset_email_by_code', welcome_email: 'welcome_email', blocked_account: 'blocked_account', stolen_credentials: 'stolen_credentials', @@ -9039,6 +10344,11 @@ export interface PatchLogStreamsByIdRequest { * */ status?: PatchLogStreamsByIdRequestStatusEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -9178,26 +10488,26 @@ export interface PatchOrganizationsByIdRequest { */ branding?: PatchOrganizationsByIdRequestBranding | null; /** - * Metadata associated with the organization, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. + * Metadata associated with the organization, in the form of an object with string values (max 255 chars). Maximum of 25 metadata properties allowed. * */ metadata?: { [key: string]: any } | null; } /** - * Theme defines how to style the login pages + * Theme defines how to style the login pages. */ export interface PatchOrganizationsByIdRequestBranding { /** - * URL of logo to display on login page + * URL of logo to display on login page. * */ logo_url?: string; /** */ - colors?: GetOrganizations200ResponseOneOfInnerBrandingColors; + colors?: GetClientGrantOrganizations200ResponseOneOfInnerBrandingColors; } /** - * ACUL settings for the given screen. + * Render settings for the given screen */ export interface PatchRenderingRequest { /** @@ -9219,7 +10529,7 @@ export interface PatchRenderingRequest { * An array of head tags * */ - head_tags?: Array<{ [key: string]: any }>; + head_tags?: Array; } export const PatchRenderingRequestRenderingModeEnum = { @@ -9229,6 +10539,35 @@ export const PatchRenderingRequestRenderingModeEnum = { export type PatchRenderingRequestRenderingModeEnum = (typeof PatchRenderingRequestRenderingModeEnum)[keyof typeof PatchRenderingRequestRenderingModeEnum]; +/** + * + */ +export interface PatchRenderingRequestHeadTagsInner { + [key: string]: any | any; + /** + * Any HTML element valid for use in the head tag + * + */ + tag?: string; + /** + */ + attributes?: PatchRenderingRequestHeadTagsInnerAttributes; + /** + * Text/content within the opening and closing tags of the element + * See documentation on using context variables + * + */ + content?: string; +} +/** + * Attributes of the HTML tag + */ +export interface PatchRenderingRequestHeadTagsInnerAttributes { + [key: string]: any | any; + /** + */ + integrity?: Array; +} /** * */ @@ -9480,6 +10819,7 @@ export const PostAuthenticationMethods201ResponseTypeEnum = { email: 'email', totp: 'totp', webauthn_roaming: 'webauthn-roaming', + passkey: 'passkey', } as const; export type PostAuthenticationMethods201ResponseTypeEnum = (typeof PostAuthenticationMethods201ResponseTypeEnum)[keyof typeof PostAuthenticationMethods201ResponseTypeEnum]; @@ -9519,22 +10859,22 @@ export interface PostAuthenticationMethodsRequest { */ email?: string; /** - * Preferred phone authentication method. + * Applies to phone authentication methods only. The preferred communication method. * */ preferred_authentication_method?: PostAuthenticationMethodsRequestPreferredAuthenticationMethodEnum; /** - * Applies to email webauthn authenticators only. The id of the credential. + * Applies to webauthn authentication methods only. The id of the credential. * */ key_id?: string; /** - * Applies to email webauthn authenticators only. The public key. + * Applies to webauthn authentication methods only. The public key. * */ public_key?: string; /** - * Applies to email webauthn authenticators only. The relying party identifier. + * Applies to webauthn authentication methods only. The relying party identifier. * */ relying_party_identifier?: string; @@ -9545,6 +10885,7 @@ export const PostAuthenticationMethodsRequestTypeEnum = { email: 'email', totp: 'totp', webauthn_roaming: 'webauthn-roaming', + passkey: 'passkey', } as const; export type PostAuthenticationMethodsRequestTypeEnum = (typeof PostAuthenticationMethodsRequestTypeEnum)[keyof typeof PostAuthenticationMethodsRequestTypeEnum]; @@ -9697,6 +11038,11 @@ export interface PostBrandingThemeRequestColors { * */ body_text: string; + /** + * Captcha Widget Theme + * + */ + captcha_widget_theme?: PostBrandingThemeRequestColorsCaptchaWidgetThemeEnum; /** * Error * @@ -9773,6 +11119,15 @@ export interface PostBrandingThemeRequestColors { */ widget_border: string; } + +export const PostBrandingThemeRequestColorsCaptchaWidgetThemeEnum = { + auto: 'auto', + dark: 'dark', + light: 'light', +} as const; +export type PostBrandingThemeRequestColorsCaptchaWidgetThemeEnum = + (typeof PostBrandingThemeRequestColorsCaptchaWidgetThemeEnum)[keyof typeof PostBrandingThemeRequestColorsCaptchaWidgetThemeEnum]; + /** * */ @@ -10136,7 +11491,7 @@ export interface PostCustomDomainsRequest { */ verification_method?: PostCustomDomainsRequestVerificationMethodEnum; /** - * compatible includes TLS 1.0, 1.1, 1.2, and recommended only includes TLS 1.2 + * recommended includes TLS 1.2 * */ tls_policy?: PostCustomDomainsRequestTlsPolicyEnum; @@ -10197,7 +11552,7 @@ export interface PostDeviceCredentials201Response { */ export interface PostEmailTemplatesRequest { /** - * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). + * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). * */ template: PostEmailTemplatesRequestTemplateEnum; @@ -10247,6 +11602,7 @@ export const PostEmailTemplatesRequestTemplateEnum = { verify_email: 'verify_email', verify_email_by_code: 'verify_email_by_code', reset_email: 'reset_email', + reset_email_by_code: 'reset_email_by_code', welcome_email: 'welcome_email', blocked_account: 'blocked_account', stolen_credentials: 'stolen_credentials', @@ -10285,7 +11641,7 @@ export interface PostEmailVerificationRequest { */ user_id: string; /** - * ID of the client. If provided for tenants using New Universal Login experience, the user will be prompted to redirect to the default login route of the corresponding application once the ticket is used. See Configuring Default Login Routes for more details. + * ID of the client (application). If provided for tenants using the New Universal Login experience, the email template and UI displays application details, and the user is prompted to redirect to the application's default login route after the ticket is used. client_id is required to use the Password Reset Post Challenge trigger. * */ client_id?: string; @@ -10333,6 +11689,59 @@ export interface PostEnabledConnectionsRequest { */ show_as_button?: boolean; } +/** + * + */ +export interface PostEncryptionKeyRequest { + [key: string]: any | any; + /** + * Base64 encoded ciphertext of key material wrapped by public wrapping key. + * + */ + wrapped_key: string; +} +/** + * + */ +export interface PostEncryptionRequest { + [key: string]: any | any; + /** + * Type of the encryption key to be created. + * + */ + type: PostEncryptionRequestTypeEnum; +} + +export const PostEncryptionRequestTypeEnum = { + customer_provided_root_key: 'customer-provided-root-key', + tenant_encryption_key: 'tenant-encryption-key', +} as const; +export type PostEncryptionRequestTypeEnum = + (typeof PostEncryptionRequestTypeEnum)[keyof typeof PostEncryptionRequestTypeEnum]; + +/** + * + */ +export interface PostEncryptionWrappingKey201Response { + [key: string]: any | any; + /** + * Public wrapping key in PEM format + * + */ + public_key: string; + /** + * Encryption algorithm that shall be used to wrap your key material + * + */ + algorithm: PostEncryptionWrappingKey201ResponseAlgorithmEnum; +} + +export const PostEncryptionWrappingKey201ResponseAlgorithmEnum = { + CKM_RSA_AES_KEY_WRAP: 'CKM_RSA_AES_KEY_WRAP', +} as const; +export type PostEncryptionWrappingKey201ResponseAlgorithmEnum = + (typeof PostEncryptionWrappingKey201ResponseAlgorithmEnum)[keyof typeof PostEncryptionWrappingKey201ResponseAlgorithmEnum]; + /** * */ @@ -12561,21 +13970,33 @@ export interface PostInvitationsRequest { */ export interface PostInvitationsRequestAppMetadata { [key: string]: any | any; + /** + */ + __tenant?: any | null; + /** + */ + _id?: any | null; + /** + */ + blocked?: any | null; /** */ clientID?: any | null; /** */ - globalClientID?: any | null; + created_at?: any | null; /** */ - global_client_id?: any | null; + email_verified?: any | null; + /** + */ + email?: any | null; /** */ - email_verified?: any | null; + globalClientID?: any | null; /** */ - user_id?: any | null; + global_client_id?: any | null; /** */ identities?: any | null; @@ -12585,30 +14006,24 @@ export interface PostInvitationsRequestAppMetadata { /** */ lastLogin?: any | null; - /** - */ - metadata?: any | null; - /** - */ - created_at?: any | null; /** */ loginsCount?: any | null; /** */ - _id?: any | null; + metadata?: any | null; /** */ - email?: any | null; + multifactor_last_modified?: any | null; /** */ - blocked?: any | null; + multifactor?: any | null; /** */ - __tenant?: any | null; + updated_at?: any | null; /** */ - updated_at?: any | null; + user_id?: any | null; } /** * @@ -12634,6 +14049,11 @@ export interface PostLogStreamsRequestOneOf { /** */ type: PostLogStreamsRequestOneOfTypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -12667,6 +14087,11 @@ export interface PostLogStreamsRequestOneOf1 { /** */ type: PostLogStreamsRequestOneOf1TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -12744,6 +14169,11 @@ export interface PostLogStreamsRequestOneOf2 { /** */ type: PostLogStreamsRequestOneOf2TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -12811,6 +14241,7 @@ export const PostLogStreamsRequestOneOf2SinkAzureRegionEnum = { southcentralus: 'southcentralus', southeastasia: 'southeastasia', southindia: 'southindia', + swedencentral: 'swedencentral', switzerlandnorth: 'switzerlandnorth', uaenorth: 'uaenorth', uksouth: 'uksouth', @@ -12836,6 +14267,11 @@ export interface PostLogStreamsRequestOneOf3 { /** */ type: PostLogStreamsRequestOneOf3TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -12869,6 +14305,11 @@ export interface PostLogStreamsRequestOneOf4 { /** */ type: PostLogStreamsRequestOneOf4TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -12902,6 +14343,11 @@ export interface PostLogStreamsRequestOneOf5 { /** */ type: PostLogStreamsRequestOneOf5TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -12935,6 +14381,11 @@ export interface PostLogStreamsRequestOneOf6 { /** */ type: PostLogStreamsRequestOneOf6TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -12968,6 +14419,11 @@ export interface PostLogStreamsRequestOneOf7 { /** */ type: PostLogStreamsRequestOneOf7TypeEnum; + /** + * True for priority log streams, false for non-priority + * + */ + isPriority?: boolean; /** * Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. * @@ -13028,6 +14484,7 @@ export const PostLogStreamsRequestOneOfFiltersInnerNameEnum = { auth_token_exchange_success: 'auth.token_exchange.success', management_fail: 'management.fail', management_success: 'management.success', + scim_event: 'scim.event', system_notification: 'system.notification', user_fail: 'user.fail', user_notification: 'user.notification', @@ -13048,16 +14505,6 @@ export interface PostMembersRequest { */ members: Array; } -/** - * - */ -export interface PostOrganizationClientGrantsRequest { - /** - * A Client Grant ID to add to the organization. - * - */ - grant_id: string; -} /** * */ @@ -13074,7 +14521,7 @@ export interface PostOrganizationMemberRolesRequest { export interface PostOrganizations201Response { [key: string]: any | any; /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -13090,9 +14537,9 @@ export interface PostOrganizations201Response { display_name: string; /** */ - branding: GetOrganizations200ResponseOneOfInnerBranding; + branding: GetClientGrantOrganizations200ResponseOneOfInnerBranding; /** - * Metadata associated with the organization, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. + * Metadata associated with the organization, in the form of an object with string values (max 255 chars). Maximum of 25 metadata properties allowed. * */ metadata: { [key: string]: any }; @@ -13163,7 +14610,7 @@ export interface PostOrganizationsRequest { */ branding?: PostOrganizationsRequestBranding; /** - * Metadata associated with the organization, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. + * Metadata associated with the organization, in the form of an object with string values (max 255 chars). Maximum of 25 metadata properties allowed. * */ metadata?: { [key: string]: any }; @@ -13174,17 +14621,17 @@ export interface PostOrganizationsRequest { enabled_connections?: Array; } /** - * Theme defines how to style the login pages + * Theme defines how to style the login pages. */ export interface PostOrganizationsRequestBranding { /** - * URL of logo to display on login page + * URL of logo to display on login page. * */ logo_url?: string; /** */ - colors?: GetOrganizations200ResponseOneOfInnerBrandingColors; + colors?: GetClientGrantOrganizations200ResponseOneOfInnerBrandingColors; } /** * Connection to be added to the organization. @@ -13237,7 +14684,7 @@ export interface PostPasswordChangeRequest { */ user_id?: string; /** - * ID of the client. If provided for tenants using New Universal Login experience, the user will be prompted to redirect to the default login route of the corresponding application once the ticket is used. See Configuring Default Login Routes for more details. + * ID of the client (application). If provided for tenants using the New Universal Login experience, the email template and UI displays application details, and the user is prompted to redirect to the application's default login route after the ticket is used. client_id is required to use the Password Reset Post Challenge trigger. * */ client_id?: string; @@ -13463,8 +14910,15 @@ export interface PostSsoTicketRequestConnectionConfig { */ display_name?: string; /** + * true promotes to a domain-level connection so that third-party applications can use it. false does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to false.) + * */ is_domain_connection?: boolean; + /** + * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to false.) + * + */ + show_as_button?: boolean; /** * Metadata associated with the connection in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. * @@ -13494,7 +14948,7 @@ export interface PostSsoTicketRequestConnectionConfigOptions { */ export interface PostSsoTicketRequestEnabledOrganizationsInner { /** - * Organization identifier + * Organization identifier. * */ organization_id: string; @@ -13969,7 +15423,7 @@ export interface PutAuthenticationMethodsRequestInner { */ type: PutAuthenticationMethodsRequestInnerTypeEnum; /** - * The preferred authentication method for phone authentication method. + * Applies to phone authentication methods only. The preferred communication method. * */ preferred_authentication_method?: PutAuthenticationMethodsRequestInnerPreferredAuthenticationMethodEnum; @@ -14010,6 +15464,20 @@ export const PutAuthenticationMethodsRequestInnerPreferredAuthenticationMethodEn export type PutAuthenticationMethodsRequestInnerPreferredAuthenticationMethodEnum = (typeof PutAuthenticationMethodsRequestInnerPreferredAuthenticationMethodEnum)[keyof typeof PutAuthenticationMethodsRequestInnerPreferredAuthenticationMethodEnum]; +/** + * + */ +export interface PutFactorDuoSettingsRequest { + /** + */ + ikey?: string; + /** + */ + skey?: string; + /** + */ + host?: string; +} /** * */ @@ -14038,6 +15506,14 @@ export interface PutFcmRequest { */ server_key?: string | null; } +/** + * + */ +export interface PutFcmv1Request { + /** + */ + server_credentials?: string | null; +} /** * */ @@ -14246,6 +15722,7 @@ export interface ResourceServer { export const ResourceServerSigningAlgEnum = { HS256: 'HS256', RS256: 'RS256', + RS512: 'RS512', PS256: 'PS256', } as const; export type ResourceServerSigningAlgEnum = @@ -14341,6 +15818,7 @@ export interface ResourceServerCreate { export const ResourceServerCreateSigningAlgEnum = { HS256: 'HS256', RS256: 'RS256', + RS512: 'RS512', PS256: 'PS256', } as const; export type ResourceServerCreateSigningAlgEnum = @@ -14507,6 +15985,7 @@ export interface ResourceServerUpdate { export const ResourceServerUpdateSigningAlgEnum = { HS256: 'HS256', RS256: 'RS256', + RS512: 'RS512', PS256: 'PS256', } as const; export type ResourceServerUpdateSigningAlgEnum = @@ -14919,49 +16398,6 @@ export interface SsoAccessTicketResponse { */ ticket: string; } -/** - * - */ -export interface SsoTicketRequestJson { - /** - * If provided, this will allow editing of the provided connection during the SSO Flow - * - */ - connection_id?: string; - /** - */ - connection_config?: SsoTicketRequestJsonConnectionConfig; - /** - * List of client_ids that the connection will be enabled for. - * - */ - enabled_clients?: Array; - /** - * List of organizations that the connection will be enabled for. - * - */ - enabled_organizations?: Array; -} -/** - * If provided, this will create a new connection for the SSO flow with the given configuration - */ -export interface SsoTicketRequestJsonConnectionConfig { - /** - * The name of the connection that will be created as a part of the SSO flow. - * - */ - name: string; -} -/** - * - */ -export interface SsoTicketRequestJsonEnabledOrganizationsInner { - /** - * Organization identifier - * - */ - organization_id: string; -} /** * */ @@ -15082,6 +16518,11 @@ export interface TenantSettings { * */ sandbox_version: string; + /** + * Selected sandbox version for rules and hooks extensibility. + * + */ + legacy_sandbox_version: string; /** * Available sandbox versions for the extensibility environment. * @@ -15103,6 +16544,9 @@ export interface TenantSettings { /** */ sessions: TenantSettingsSessions | null; + /** + */ + oidc_logout: TenantSettingsOidcLogout; /** * Whether to accept an organization name instead of an ID on auth endpoints * @@ -15129,39 +16573,62 @@ export interface TenantSettings { } export const TenantSettingsEnabledLocalesEnum = { + am: 'am', ar: 'ar', + ar_EG: 'ar-EG', + ar_SA: 'ar-SA', + az: 'az', bg: 'bg', + bn: 'bn', bs: 'bs', ca_ES: 'ca-ES', + cnr: 'cnr', cs: 'cs', cy: 'cy', da: 'da', de: 'de', el: 'el', en: 'en', + en_CA: 'en-CA', es: 'es', + es_419: 'es-419', + es_AR: 'es-AR', + es_MX: 'es-MX', et: 'et', eu_ES: 'eu-ES', + fa: 'fa', fi: 'fi', fr: 'fr', fr_CA: 'fr-CA', fr_FR: 'fr-FR', gl_ES: 'gl-ES', + gu: 'gu', he: 'he', hi: 'hi', hr: 'hr', hu: 'hu', + hy: 'hy', id: 'id', is: 'is', it: 'it', ja: 'ja', + ka: 'ka', + kk: 'kk', + kn: 'kn', ko: 'ko', lt: 'lt', lv: 'lv', + mk: 'mk', + ml: 'ml', + mn: 'mn', + mr: 'mr', + ms: 'ms', + my: 'my', nb: 'nb', nl: 'nl', nn: 'nn', no: 'no', + pa: 'pa', pl: 'pl', pt: 'pt', pt_BR: 'pt-BR', @@ -15170,13 +16637,22 @@ export const TenantSettingsEnabledLocalesEnum = { ru: 'ru', sk: 'sk', sl: 'sl', + so: 'so', + sq: 'sq', sr: 'sr', sv: 'sv', + sw: 'sw', + ta: 'ta', + te: 'te', th: 'th', + tl: 'tl', tr: 'tr', uk: 'uk', + ur: 'ur', vi: 'vi', + zgh: 'zgh', zh_CN: 'zh-CN', + zh_HK: 'zh-HK', zh_TW: 'zh-TW', } as const; export type TenantSettingsEnabledLocalesEnum = @@ -15359,6 +16835,11 @@ export interface TenantSettingsFlags { * */ remove_alg_from_jwks: boolean; + /** + * Improves bot detection during signup in classic universal login + * + */ + improved_signup_bot_detection_in_classic: boolean; } /** * Guardian page customization. @@ -15385,6 +16866,16 @@ export interface TenantSettingsMtls { */ enable_endpoint_aliases: boolean; } +/** + * Settings related to OIDC RP-initiated Logout + */ +export interface TenantSettingsOidcLogout { + /** + * Enable the end_session_endpoint URL in the .well-known discovery configuration + * + */ + rp_logout_end_session_endpoint_discovery: boolean; +} /** * Session cookie configuration */ @@ -15482,6 +16973,11 @@ export interface TenantSettingsUpdate { * */ sandbox_version?: string; + /** + * Selected legacy sandbox version for the extensibility environment + * + */ + legacy_sandbox_version?: string; /** * The default absolute redirection uri, must be https * @@ -15498,6 +16994,9 @@ export interface TenantSettingsUpdate { /** */ sessions?: TenantSettingsUpdateSessions | null; + /** + */ + oidc_logout?: TenantSettingsUpdateOidcLogout; /** * Whether to enable flexible factors for MFA in the PostLogin action * @@ -15524,39 +17023,62 @@ export interface TenantSettingsUpdate { } export const TenantSettingsUpdateEnabledLocalesEnum = { + am: 'am', ar: 'ar', + ar_EG: 'ar-EG', + ar_SA: 'ar-SA', + az: 'az', bg: 'bg', + bn: 'bn', bs: 'bs', ca_ES: 'ca-ES', + cnr: 'cnr', cs: 'cs', cy: 'cy', da: 'da', de: 'de', el: 'el', en: 'en', + en_CA: 'en-CA', es: 'es', + es_419: 'es-419', + es_AR: 'es-AR', + es_MX: 'es-MX', et: 'et', eu_ES: 'eu-ES', + fa: 'fa', fi: 'fi', fr: 'fr', fr_CA: 'fr-CA', fr_FR: 'fr-FR', gl_ES: 'gl-ES', + gu: 'gu', he: 'he', hi: 'hi', hr: 'hr', hu: 'hu', + hy: 'hy', id: 'id', is: 'is', it: 'it', ja: 'ja', + ka: 'ka', + kk: 'kk', + kn: 'kn', ko: 'ko', lt: 'lt', lv: 'lv', + mk: 'mk', + ml: 'ml', + mn: 'mn', + mr: 'mr', + ms: 'ms', + my: 'my', nb: 'nb', nl: 'nl', nn: 'nn', no: 'no', + pa: 'pa', pl: 'pl', pt: 'pt', pt_BR: 'pt-BR', @@ -15565,13 +17087,22 @@ export const TenantSettingsUpdateEnabledLocalesEnum = { ru: 'ru', sk: 'sk', sl: 'sl', + so: 'so', + sq: 'sq', sr: 'sr', sv: 'sv', + sw: 'sw', + ta: 'ta', + te: 'te', th: 'th', + tl: 'tl', tr: 'tr', uk: 'uk', + ur: 'ur', vi: 'vi', + zgh: 'zgh', zh_CN: 'zh-CN', + zh_HK: 'zh-HK', zh_TW: 'zh-TW', } as const; export type TenantSettingsUpdateEnabledLocalesEnum = @@ -15759,11 +17290,21 @@ export interface TenantSettingsUpdateFlags { * */ mfa_show_factor_list_on_enrollment?: boolean; + /** + * Require the use of JWT Secured Authorization Requests (JAR) + * + */ + require_signed_request_object?: boolean; /** * Removes alg property from jwks .well-known endpoint * */ remove_alg_from_jwks?: boolean; + /** + * Improves bot detection during signup in classic universal login + * + */ + improved_signup_bot_detection_in_classic?: boolean; } export const TenantSettingsUpdateFlagsChangePwdFlowV1Enum = { @@ -15797,6 +17338,16 @@ export interface TenantSettingsUpdateMtls { */ enable_endpoint_aliases?: boolean; } +/** + * Settings related to OIDC RP-initiated Logout + */ +export interface TenantSettingsUpdateOidcLogout { + /** + * Enable the end_session_endpoint URL in the .well-known discovery configuration + * + */ + rp_logout_end_session_endpoint_discovery?: boolean; +} /** * Sessions related settings for tenant */ @@ -15810,18 +17361,74 @@ export interface TenantSettingsUpdateSessions { /** * */ -export interface Token { +export interface TryPhoneProvider202Response { + /** + * The status code of the operation. + * + */ + code: number; + /** + * The description of the operation status. + * + */ + message: string; +} +/** + * + */ +export interface TryPhoneProviderRequest { + /** + * The recipient phone number to receive a given notification. + * + */ + to: string; + /** + * The delivery method for the notification + * + */ + delivery_method?: TryPhoneProviderRequestDeliveryMethodEnum; +} + +export const TryPhoneProviderRequestDeliveryMethodEnum = { + text: 'text', + voice: 'voice', +} as const; +export type TryPhoneProviderRequestDeliveryMethodEnum = + (typeof TryPhoneProviderRequestDeliveryMethodEnum)[keyof typeof TryPhoneProviderRequestDeliveryMethodEnum]; + +/** + * + */ +export interface TryPhoneTemplate202Response { + [key: string]: any | any; + /** + */ + message: string; +} +/** + * + */ +export interface TryPhoneTemplateRequest { + [key: string]: any | any; /** - * JWT's aud claim (the client_id to which the JWT was issued). + * Destination of the testing phone notification * */ - aud?: string; + to: string; /** - * jti (unique ID within aud) of the blacklisted JWT. + * Medium to use to send the notification * */ - jti: string; + delivery_method?: TryPhoneTemplateRequestDeliveryMethodEnum; } + +export const TryPhoneTemplateRequestDeliveryMethodEnum = { + text: 'text', + voice: 'voice', +} as const; +export type TryPhoneTemplateRequestDeliveryMethodEnum = + (typeof TryPhoneTemplateRequestDeliveryMethodEnum)[keyof typeof TryPhoneTemplateRequestDeliveryMethodEnum]; + /** * */ @@ -15847,6 +17454,61 @@ export interface TwilioFactorProvider { */ sid: string | null; } +/** + * + */ +export interface UpdatePhoneProviderRequest { + /** + * Name of the phone notification provider + * + */ + name?: UpdatePhoneProviderRequestNameEnum; + /** + * Whether the provider is enabled (false) or disabled (true). + * + */ + disabled?: boolean; + /** + */ + credentials?: CreatePhoneProviderRequestCredentials; + /** + */ + configuration?: GetBrandingPhoneProviders200ResponseProvidersInnerConfiguration; +} + +export const UpdatePhoneProviderRequestNameEnum = { + twilio: 'twilio', + custom: 'custom', +} as const; +export type UpdatePhoneProviderRequestNameEnum = + (typeof UpdatePhoneProviderRequestNameEnum)[keyof typeof UpdatePhoneProviderRequestNameEnum]; + +/** + * + */ +export interface UpdatePhoneTemplateRequest { + /** + */ + content?: UpdatePhoneTemplateRequestContent; + /** + * Whether the template is enabled (false) or disabled (true). + * + */ + disabled?: boolean; +} +/** + * + */ +export interface UpdatePhoneTemplateRequestContent { + /** + * Default phone number to be used as 'from' when sending a phone notification + * + */ + from?: string; + /** + */ + body?: GetPhoneTemplates200ResponseTemplatesInnerContentBody; +} /** * */ @@ -15888,7 +17550,7 @@ export interface UserCreate { */ email?: string; /** - * The user's phone number (following the E.164 recommendation), only valid for users from SMS connections. + * The user's phone number (following the E.164 recommendation). * */ phone_number?: string; @@ -15951,7 +17613,7 @@ export interface UserCreate { */ connection: string; /** - * Initial password for this user (mandatory only for auth0 connection strategy). + * Initial password for this user. Only valid for auth0 connection strategy. * */ password?: string; @@ -16156,6 +17818,21 @@ export interface UserProfile { */ family_name?: string; } +/** + * + */ +export interface UserRevokeAccessRequest { + /** + * ID of the session to revoke. + * + */ + session_id?: string; + /** + * Whether to preserve the refresh tokens associated with the session. + * + */ + preserve_refresh_tokens?: boolean; +} /** * */ @@ -16175,12 +17852,12 @@ export interface UserUpdate { * Email address of this user. * */ - email?: string; + email?: string | null; /** - * The user's phone number (following the E.164 recommendation), only valid for users from SMS connections. + * The user's phone number (following the E.164 recommendation). * */ - phone_number?: string; + phone_number?: string | null; /** * Whether this phone number has been verified (true) or not (false). * @@ -16225,17 +17902,17 @@ export interface UserUpdate { */ verify_email?: boolean; /** - * Whether this user will receive a text after changing the phone number (true) or no text (false). Only valid when changing phone number. + * Whether this user will receive a text after changing the phone number (true) or no text (false). Only valid when changing phone number for SMS connections. * */ verify_phone_number?: boolean; /** - * New password for this user (mandatory for non-SMS connections). + * New password for this user. Only valid for database connections. * */ password?: string; /** - * ID of the connection this user should be created in. + * Name of the connection to target for this user update. * */ connection?: string; @@ -16248,7 +17925,7 @@ export interface UserUpdate { * The user's username. Only valid if the connection requires a username. * */ - username?: string; + username?: string | null; } /** * User metadata to which this user has read-only access. @@ -16257,52 +17934,58 @@ export interface UserUpdateAppMetadata { [key: string]: any | any; /** */ - clientID?: any | null; + __tenant?: any | null; /** */ - globalClientID?: any | null; + _id?: any | null; /** */ - global_client_id?: any | null; + blocked?: any | null; + /** + */ + clientID?: any | null; + /** + */ + created_at?: any | null; /** */ email_verified?: any | null; /** */ - user_id?: any | null; + email?: any | null; /** */ - identities?: any | null; + globalClientID?: any | null; /** */ - lastIP?: any | null; + global_client_id?: any | null; /** */ - lastLogin?: any | null; + identities?: any | null; /** */ - metadata?: any | null; + lastIP?: any | null; /** */ - created_at?: any | null; + lastLogin?: any | null; /** */ loginsCount?: any | null; /** */ - _id?: any | null; + metadata?: any | null; /** */ - email?: any | null; + multifactor_last_modified?: any | null; /** */ - blocked?: any | null; + multifactor?: any | null; /** */ - __tenant?: any | null; + updated_at?: any | null; /** */ - updated_at?: any | null; + user_id?: any | null; } /** * @@ -16369,7 +18052,7 @@ export interface GetActionVersionsRequest { */ export interface GetActionsRequest { /** - * An actions extensibility point. Acceptable values: post-login, credentials-exchange, pre-user-registration, post-user-registration, post-change-password, send-phone-message, password-reset-post-challenge + * An actions extensibility point. * */ triggerId?: string; @@ -16404,7 +18087,7 @@ export interface GetActionsRequest { */ export interface GetBindingsRequest { /** - * An actions extensibility point. Acceptable values: post-login, credentials-exchange, pre-user-registration, post-user-registration, post-change-password, send-phone-message, password-reset-post-challenge + * An actions extensibility point. * */ triggerId: string; @@ -16444,7 +18127,7 @@ export interface PatchActionOperationRequest { */ export interface PatchBindingsOperationRequest { /** - * An actions extensibility point. Acceptable values: post-login, credentials-exchange, pre-user-registration, post-user-registration, post-change-password, send-phone-message, password-reset-post-challenge + * An actions extensibility point. * */ triggerId: string; @@ -16507,22 +18190,38 @@ export interface GetIpsByIdRequest { /** * */ -export interface GetTokensRequest { +export interface DeleteBrandingThemeRequest { /** - * Optional filter on the JWT's aud claim (the client_id to which the JWT was issued). + * The ID of the theme * */ - aud?: string; + themeId: string; } /** * */ -export interface DeleteBrandingThemeRequest { +export interface DeletePhoneProviderRequest { /** - * The ID of the theme + */ + id: string; +} +/** + * + */ +export interface DeletePhoneTemplateRequest { + /** + */ + id: string; +} +/** + * + */ +export interface GetBrandingPhoneProvidersRequest { + /** + * Whether the provider is enabled (false) or disabled (true). * */ - themeId: string; + disabled?: boolean; } /** * @@ -16534,6 +18233,32 @@ export interface GetBrandingThemeRequest { */ themeId: string; } +/** + * + */ +export interface GetPhoneProviderRequest { + /** + */ + id: string; +} +/** + * + */ +export interface GetPhoneTemplateRequest { + /** + */ + id: string; +} +/** + * + */ +export interface GetPhoneTemplatesRequest { + /** + * Whether the template is enabled (false) or disabled (true). + * + */ + disabled?: boolean; +} /** * */ @@ -16544,6 +18269,46 @@ export interface PatchBrandingThemeRequest { */ themeId: string; } +/** + * + */ +export interface ResetPhoneTemplateRequest { + /** + */ + id: string; +} +/** + * + */ +export interface TryPhoneProviderOperationRequest { + /** + */ + id: string; +} +/** + * + */ +export interface TryPhoneTemplateOperationRequest { + /** + */ + id: string; +} +/** + * + */ +export interface UpdatePhoneProviderOperationRequest { + /** + */ + id: string; +} +/** + * + */ +export interface UpdatePhoneTemplateOperationRequest { + /** + */ + id: string; +} /** * */ @@ -16554,12 +18319,57 @@ export interface DeleteClientGrantsByIdRequest { */ id: string; } +/** + * + */ +export interface GetClientGrantOrganizationsRequest { + /** + * ID of the client grant + * + */ + id: string; + /** + * Page index of the results to return. First page is 0. + * + */ + page?: number; + /** + * Number of results per page. Defaults to 50. + * + */ + per_page?: number; + /** + * Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). + * + */ + include_totals?: boolean; + /** + * Optional Id from which to start selection. + * + */ + from?: string; + /** + * Number of results per page. Defaults to 50. + * + */ + take?: number; +} + +/** + * + */ +export const GetClientGrantsAllowAnyOrganizationEnum = { + true: true, +} as const; +export type GetClientGrantsAllowAnyOrganizationEnum = + (typeof GetClientGrantsAllowAnyOrganizationEnum)[keyof typeof GetClientGrantsAllowAnyOrganizationEnum]; + /** * */ export interface GetClientGrantsRequest { /** - * Number of results per page. Paging is disabled if parameter not sent. + * Number of results per page. * */ per_page?: number; @@ -16573,6 +18383,16 @@ export interface GetClientGrantsRequest { * */ include_totals?: boolean; + /** + * Optional Id from which to start selection. + * + */ + from?: string; + /** + * Number of results per page. Defaults to 50. + * + */ + take?: number; /** * Optional filter on audience. * @@ -16583,6 +18403,11 @@ export interface GetClientGrantsRequest { * */ client_id?: string; + /** + * Optional filter on allow_any_organization. + * + */ + allow_any_organization?: GetClientGrantsAllowAnyOrganizationEnum; } /** * @@ -16674,12 +18499,7 @@ export interface GetClientsRequest { */ app_type?: string; /** - * A comma separated list of client_ids used to filter the returned clients - * - */ - client_ids?: string; - /** - * Query in Lucene query string syntax. + * Advanced Query in Lucene syntax.
    Permitted Queries:
    • client_grant.organization_id:{organization_id}
    • client_grant.allow_any_organization:true
    Additional Restrictions:
    • Cannot be used in combination with other filters
    • Requires use of the from and take paging parameters (checkpoint paginatinon)
    • Reduced rate limits apply. See Rate Limit Configurations
    Note: Recent updates may not be immediately reflected in query results * */ q?: string; @@ -16900,7 +18720,7 @@ export type GetConnectionsStrategyEnum = */ export interface GetConnectionsRequest { /** - * The amount of entries per page. Default: no paging is used, all connections are returned + * The amount of entries per page. Defaults to 100 if not provided * */ per_page?: number; @@ -17010,7 +18830,7 @@ export interface GetStatusRequest { */ export interface PatchConnectionsByIdRequest { /** - * The id of the connection to retrieve + * The id of the connection to update * */ id: string; @@ -17160,6 +18980,7 @@ export const GetEmailTemplatesByTemplateNameTemplateNameEnum = { verify_email: 'verify_email', verify_email_by_code: 'verify_email_by_code', reset_email: 'reset_email', + reset_email_by_code: 'reset_email_by_code', welcome_email: 'welcome_email', blocked_account: 'blocked_account', stolen_credentials: 'stolen_credentials', @@ -17177,7 +18998,7 @@ export type GetEmailTemplatesByTemplateNameTemplateNameEnum = */ export interface GetEmailTemplatesByTemplateNameRequest { /** - * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). + * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). * */ templateName: GetEmailTemplatesByTemplateNameTemplateNameEnum; @@ -17190,6 +19011,7 @@ export const PatchEmailTemplatesByTemplateNameOperationTemplateNameEnum = { verify_email: 'verify_email', verify_email_by_code: 'verify_email_by_code', reset_email: 'reset_email', + reset_email_by_code: 'reset_email_by_code', welcome_email: 'welcome_email', blocked_account: 'blocked_account', stolen_credentials: 'stolen_credentials', @@ -17207,7 +19029,7 @@ export type PatchEmailTemplatesByTemplateNameOperationTemplateNameEnum = */ export interface PatchEmailTemplatesByTemplateNameOperationRequest { /** - * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). + * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). * */ templateName: PatchEmailTemplatesByTemplateNameOperationTemplateNameEnum; @@ -17220,6 +19042,7 @@ export const PutEmailTemplatesByTemplateNameTemplateNameEnum = { verify_email: 'verify_email', verify_email_by_code: 'verify_email_by_code', reset_email: 'reset_email', + reset_email_by_code: 'reset_email_by_code', welcome_email: 'welcome_email', blocked_account: 'blocked_account', stolen_credentials: 'stolen_credentials', @@ -17237,7 +19060,7 @@ export type PutEmailTemplatesByTemplateNameTemplateNameEnum = */ export interface PutEmailTemplatesByTemplateNameRequest { /** - * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). + * Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `change_password` (legacy), or `password_reset` (legacy). * */ templateName: PutEmailTemplatesByTemplateNameTemplateNameEnum; @@ -17577,7 +19400,7 @@ export interface DeleteGrantsByUserIdRequest { */ export interface GetGrantsRequest { /** - * Number of results per page. Paging is disabled if parameter not sent. + * Number of results per page. * */ per_page?: number; @@ -17698,7 +19521,7 @@ export interface GetHooksRequest { */ page?: number; /** - * Number of results per page. Paging is disabled if parameter not sent. + * Number of results per page. * */ per_page?: number; @@ -17826,6 +19649,46 @@ export interface PostUsersImportsData { */ send_completion_email?: boolean; } +/** + * + */ +export interface DeleteEncryptionKeyRequest { + /** + * Encryption key ID + * + */ + kid: string; +} +/** + * + */ +export interface GetEncryptionKeyRequest { + /** + * Encryption key ID + * + */ + kid: string; +} +/** + * + */ +export interface GetEncryptionKeysRequest { + /** + * Page index of the results to return. First page is 0. + * + */ + page?: number; + /** + * Number of results per page. Default value is 50, maximum value is 100. + * + */ + per_page?: number; + /** + * Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). + * + */ + include_totals?: boolean; +} /** * */ @@ -17836,6 +19699,26 @@ export interface GetSigningKeyRequest { */ kid: string; } +/** + * + */ +export interface PostEncryptionKeyOperationRequest { + /** + * Encryption key ID + * + */ + kid: string; +} +/** + * + */ +export interface PostEncryptionWrappingKeyRequest { + /** + * Encryption key ID + * + */ + kid: string; +} /** * */ @@ -17936,12 +19819,22 @@ export interface GetLogsByIdRequest { */ id: string; } +/** + * + */ +export interface CreateOrganizationClientGrantsOperationRequest { + /** + * Organization identifier. + * + */ + id: string; +} /** * */ export interface DeleteClientGrantsByGrantIdRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -17956,12 +19849,12 @@ export interface DeleteClientGrantsByGrantIdRequest { */ export interface DeleteEnabledConnectionsByConnectionIdRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; /** - * Connection identifier + * Connection identifier. * */ connectionId: string; @@ -17971,7 +19864,7 @@ export interface DeleteEnabledConnectionsByConnectionIdRequest { */ export interface DeleteInvitationsByInvitationIdRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -17986,7 +19879,7 @@ export interface DeleteInvitationsByInvitationIdRequest { */ export interface DeleteMembersOperationRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -17996,7 +19889,7 @@ export interface DeleteMembersOperationRequest { */ export interface DeleteOrganizationMemberRolesOperationRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18011,7 +19904,7 @@ export interface DeleteOrganizationMemberRolesOperationRequest { */ export interface DeleteOrganizationsByIdRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18021,7 +19914,7 @@ export interface DeleteOrganizationsByIdRequest { */ export interface GetEnabledConnectionsRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18046,12 +19939,12 @@ export interface GetEnabledConnectionsRequest { */ export interface GetEnabledConnectionsByConnectionIdRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; /** - * Connection identifier + * Connection identifier. * */ connectionId: string; @@ -18061,7 +19954,7 @@ export interface GetEnabledConnectionsByConnectionIdRequest { */ export interface GetInvitationsRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18101,7 +19994,7 @@ export interface GetInvitationsRequest { */ export interface GetInvitationsByInvitationIdRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18126,7 +20019,7 @@ export interface GetInvitationsByInvitationIdRequest { */ export interface GetMembersRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18181,7 +20074,7 @@ export interface GetNameByNameRequest { */ export interface GetOrganizationClientGrantsRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18196,7 +20089,7 @@ export interface GetOrganizationClientGrantsRequest { */ client_id?: string; /** - * A list of grant ids, which will filter the results. + * Optional filter on the ID of the client grant. Must be URL encoded and may be specified multiple times (max 10).
    e.g. ../client-grants?grant_ids=id1&grant_ids=id2 * */ grant_ids?: Array; @@ -18221,7 +20114,7 @@ export interface GetOrganizationClientGrantsRequest { */ export interface GetOrganizationMemberRolesRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18296,12 +20189,12 @@ export interface GetOrganizationsByIdRequest { */ export interface PatchEnabledConnectionsByConnectionIdOperationRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; /** - * Connection identifier + * Connection identifier. * */ connectionId: string; @@ -18321,7 +20214,7 @@ export interface PatchOrganizationsByIdOperationRequest { */ export interface PostEnabledConnectionsOperationRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18331,7 +20224,7 @@ export interface PostEnabledConnectionsOperationRequest { */ export interface PostInvitationsOperationRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18341,17 +20234,7 @@ export interface PostInvitationsOperationRequest { */ export interface PostMembersOperationRequest { /** - * Organization identifier - * - */ - id: string; -} -/** - * - */ -export interface PostOrganizationClientGrantsOperationRequest { - /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18361,7 +20244,7 @@ export interface PostOrganizationClientGrantsOperationRequest { */ export interface PostOrganizationMemberRolesOperationRequest { /** - * Organization identifier + * Organization identifier. * */ id: string; @@ -18386,8 +20269,11 @@ export const GetCustomTextByLanguagePromptEnum = { signup_password: 'signup-password', phone_identifier_enrollment: 'phone-identifier-enrollment', phone_identifier_challenge: 'phone-identifier-challenge', + email_identifier_challenge: 'email-identifier-challenge', reset_password: 'reset-password', + custom_form: 'custom-form', consent: 'consent', + customized_consent: 'customized-consent', logout: 'logout', mfa_push: 'mfa-push', mfa_otp: 'mfa-otp', @@ -18406,6 +20292,7 @@ export const GetCustomTextByLanguagePromptEnum = { invitation: 'invitation', common: 'common', passkeys: 'passkeys', + captcha: 'captcha', } as const; export type GetCustomTextByLanguagePromptEnum = (typeof GetCustomTextByLanguagePromptEnum)[keyof typeof GetCustomTextByLanguagePromptEnum]; @@ -18414,39 +20301,62 @@ export type GetCustomTextByLanguagePromptEnum = * */ export const GetCustomTextByLanguageLanguageEnum = { + am: 'am', ar: 'ar', + ar_EG: 'ar-EG', + ar_SA: 'ar-SA', + az: 'az', bg: 'bg', + bn: 'bn', bs: 'bs', ca_ES: 'ca-ES', + cnr: 'cnr', cs: 'cs', cy: 'cy', da: 'da', de: 'de', el: 'el', en: 'en', + en_CA: 'en-CA', es: 'es', + es_419: 'es-419', + es_AR: 'es-AR', + es_MX: 'es-MX', et: 'et', eu_ES: 'eu-ES', + fa: 'fa', fi: 'fi', fr: 'fr', fr_CA: 'fr-CA', fr_FR: 'fr-FR', gl_ES: 'gl-ES', + gu: 'gu', he: 'he', hi: 'hi', hr: 'hr', hu: 'hu', + hy: 'hy', id: 'id', is: 'is', it: 'it', ja: 'ja', + ka: 'ka', + kk: 'kk', + kn: 'kn', ko: 'ko', lt: 'lt', lv: 'lv', + mk: 'mk', + ml: 'ml', + mn: 'mn', + mr: 'mr', + ms: 'ms', + my: 'my', nb: 'nb', nl: 'nl', nn: 'nn', no: 'no', + pa: 'pa', pl: 'pl', pt: 'pt', pt_BR: 'pt-BR', @@ -18455,13 +20365,22 @@ export const GetCustomTextByLanguageLanguageEnum = { ru: 'ru', sk: 'sk', sl: 'sl', + so: 'so', + sq: 'sq', sr: 'sr', sv: 'sv', + sw: 'sw', + ta: 'ta', + te: 'te', th: 'th', + tl: 'tl', tr: 'tr', uk: 'uk', + ur: 'ur', vi: 'vi', + zgh: 'zgh', zh_CN: 'zh-CN', + zh_HK: 'zh-HK', zh_TW: 'zh-TW', } as const; export type GetCustomTextByLanguageLanguageEnum = @@ -18645,12 +20564,12 @@ export type GetRenderingScreenEnum = */ export interface GetRenderingRequest { /** - * Name of the prompt. + * Name of the prompt * */ prompt: GetRenderingPromptEnum; /** - * Name of the screen. + * Name of the screen * */ screen: GetRenderingScreenEnum; @@ -18791,12 +20710,12 @@ export type PatchRenderingOperationScreenEnum = */ export interface PatchRenderingOperationRequest { /** - * Name of the prompt. + * Name of the prompt * */ prompt: PatchRenderingOperationPromptEnum; /** - * Name of the screen. + * Name of the screen * */ screen: PatchRenderingOperationScreenEnum; @@ -18816,8 +20735,11 @@ export const PutCustomTextByLanguagePromptEnum = { signup_password: 'signup-password', phone_identifier_enrollment: 'phone-identifier-enrollment', phone_identifier_challenge: 'phone-identifier-challenge', + email_identifier_challenge: 'email-identifier-challenge', reset_password: 'reset-password', + custom_form: 'custom-form', consent: 'consent', + customized_consent: 'customized-consent', logout: 'logout', mfa_push: 'mfa-push', mfa_otp: 'mfa-otp', @@ -18836,6 +20758,7 @@ export const PutCustomTextByLanguagePromptEnum = { invitation: 'invitation', common: 'common', passkeys: 'passkeys', + captcha: 'captcha', } as const; export type PutCustomTextByLanguagePromptEnum = (typeof PutCustomTextByLanguagePromptEnum)[keyof typeof PutCustomTextByLanguagePromptEnum]; @@ -18844,39 +20767,62 @@ export type PutCustomTextByLanguagePromptEnum = * */ export const PutCustomTextByLanguageLanguageEnum = { + am: 'am', ar: 'ar', + ar_EG: 'ar-EG', + ar_SA: 'ar-SA', + az: 'az', bg: 'bg', + bn: 'bn', bs: 'bs', ca_ES: 'ca-ES', + cnr: 'cnr', cs: 'cs', cy: 'cy', da: 'da', de: 'de', el: 'el', en: 'en', + en_CA: 'en-CA', es: 'es', + es_419: 'es-419', + es_AR: 'es-AR', + es_MX: 'es-MX', et: 'et', eu_ES: 'eu-ES', + fa: 'fa', fi: 'fi', fr: 'fr', fr_CA: 'fr-CA', fr_FR: 'fr-FR', gl_ES: 'gl-ES', + gu: 'gu', he: 'he', hi: 'hi', hr: 'hr', hu: 'hu', + hy: 'hy', id: 'id', is: 'is', it: 'it', ja: 'ja', + ka: 'ka', + kk: 'kk', + kn: 'kn', ko: 'ko', lt: 'lt', lv: 'lv', + mk: 'mk', + ml: 'ml', + mn: 'mn', + mr: 'mr', + ms: 'ms', + my: 'my', nb: 'nb', nl: 'nl', nn: 'nn', no: 'no', + pa: 'pa', pl: 'pl', pt: 'pt', pt_BR: 'pt-BR', @@ -18885,13 +20831,22 @@ export const PutCustomTextByLanguageLanguageEnum = { ru: 'ru', sk: 'sk', sl: 'sl', + so: 'so', + sq: 'sq', sr: 'sr', sv: 'sv', + sw: 'sw', + ta: 'ta', + te: 'te', th: 'th', + tl: 'tl', tr: 'tr', uk: 'uk', + ur: 'ur', vi: 'vi', + zgh: 'zgh', zh_CN: 'zh-CN', + zh_HK: 'zh-HK', zh_TW: 'zh-TW', } as const; export type PutCustomTextByLanguageLanguageEnum = @@ -18974,7 +20929,7 @@ export interface DeleteResourceServersByIdRequest { */ export interface GetResourceServersRequest { /** - * A list of URI encoded identifiers to filter the results by. Consider URL limits when using this parameter, if the URL is too long, consider chunking the requests + * An optional filter on the resource server identifier. Must be URL encoded and may be specified multiple times (max 10).
    e.g. ../resource-servers?identifiers=id1&identifiers=id2 * */ identifiers?: Array; @@ -19189,7 +21144,7 @@ export interface GetRulesRequest { */ page?: number; /** - * Number of results per page. Paging is disabled if parameter not sent. + * Number of results per page. * */ per_page?: number; @@ -19437,6 +21392,16 @@ export interface GetSessionRequest { */ id: string; } +/** + * + */ +export interface RevokeSessionRequest { + /** + * ID of the session to revoke. + * + */ + id: string; +} /** * */ @@ -19814,7 +21779,7 @@ export interface GetPermissionsRequest { */ id: string; /** - * Number of results per page. Paging is disabled if parameter not sent. + * Number of results per page. * */ per_page?: number; @@ -19844,7 +21809,7 @@ export interface GetRefreshTokensForUserRequest { */ include_totals?: boolean; /** - * Optional token ID from which to start selection (exclusive). + * An optional cursor from which to start the selection (exclusive). * */ from?: string; @@ -19869,7 +21834,7 @@ export interface GetSessionsForUserRequest { */ include_totals?: boolean; /** - * Optional session ID from which to start selection (exclusive). + * An optional cursor from which to start the selection (exclusive). * */ from?: string; @@ -19914,7 +21879,7 @@ export interface GetUserRolesRequest { */ id: string; /** - * Number of results per page. Paging is disabled if parameter not sent. + * Number of results per page. * */ per_page?: number; @@ -19951,7 +21916,7 @@ export interface GetUsersRequest { */ page?: number; /** - * Number of results per page. Paging is disabled if parameter not sent. + * Number of results per page. * */ per_page?: number; @@ -20106,6 +22071,16 @@ export interface PutAuthenticationMethodsRequest { */ id: string; } +/** + * + */ +export interface UserRevokeAccessOperationRequest { + /** + * ID of the user. + * + */ + id: string; +} /** * */