diff --git a/src/management/__generated/models/index.ts b/src/management/__generated/models/index.ts index 678ac2c28..92d3579ed 100644 --- a/src/management/__generated/models/index.ts +++ b/src/management/__generated/models/index.ts @@ -2096,7 +2096,26 @@ export interface ClientGrant { * */ scope: Array; + /** + * Defines whether organizations can be used with client credentials exchanges for this grant. + * + */ + organization_usage: ClientGrantOrganizationUsageEnum; + /** + * If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations. + * + */ + allow_any_organization: boolean; } + +export const ClientGrantOrganizationUsageEnum = { + deny: 'deny', + allow: 'allow', + require: 'require', +} as const; +export type ClientGrantOrganizationUsageEnum = + (typeof ClientGrantOrganizationUsageEnum)[keyof typeof ClientGrantOrganizationUsageEnum]; + /** * */ @@ -2111,12 +2130,31 @@ export interface ClientGrantCreate { * */ audience: string; + /** + * Defines whether organizations can be used with client credentials exchanges for this grant. + * + */ + organization_usage?: ClientGrantCreateOrganizationUsageEnum; + /** + * If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations. + * + */ + allow_any_organization?: boolean; /** * Scopes allowed for this client grant. * */ scope: Array; } + +export const ClientGrantCreateOrganizationUsageEnum = { + deny: 'deny', + allow: 'allow', + require: 'require', +} as const; +export type ClientGrantCreateOrganizationUsageEnum = + (typeof ClientGrantCreateOrganizationUsageEnum)[keyof typeof ClientGrantCreateOrganizationUsageEnum]; + /** * Configuration related to JWTs for the client. */ @@ -2479,10 +2517,13 @@ export interface ClientUpdate { initiate_login_uri?: string; /** */ - native_social_login?: ClientCreateNativeSocialLogin | null; + native_social_login?: ClientUpdateNativeSocialLogin | null; /** */ refresh_token?: ClientRefreshToken | null; + /** + */ + default_organization?: ClientDefaultOrganization | null; /** * Defines how to proceed during an authentication transaction with regards an organization. Can be `deny` (default), `allow` or `require`. * @@ -2501,14 +2542,14 @@ export interface ClientUpdate { * */ require_pushed_authorization_requests?: boolean; - /** - */ - signed_request_object?: ClientUpdateSignedRequestObject | null; /** * Makes the use of Proof-of-Possession mandatory for this client * */ require_proof_of_possession?: boolean; + /** + */ + signed_request_object?: ClientUpdateSignedRequestObject | null; /** * Defines the compliance level for this client, which may restrict it's capabilities * @@ -2593,10 +2634,10 @@ export interface ClientUpdateAddons { azure_sb?: ClientCreateAddonsAzureSb; /** */ - rms?: ClientCreateAddonsRms; + rms?: ClientAddonsRms; /** */ - mscrm?: ClientCreateAddonsMscrm; + mscrm?: ClientAddonsMscrm; /** */ slack?: ClientAddonsSlack; @@ -2640,7 +2681,7 @@ export interface ClientUpdateAddons { office365?: ClientCreateAddonsOffice365; /** */ - salesforce?: ClientCreateAddonsSalesforce; + salesforce?: ClientUpdateAddonsSalesforce; /** */ salesforce_api?: ClientCreateAddonsSalesforceApi; @@ -2655,7 +2696,7 @@ export interface ClientUpdateAddons { layer?: ClientAddonsLayer; /** */ - sap_api?: ClientCreateAddonsSapApi; + sap_api?: ClientUpdateAddonsSapApi; /** */ sharepoint?: ClientCreateAddonsSharepoint; @@ -2685,6 +2726,53 @@ export interface ClientUpdateAddons { */ oag?: object | null; } +/** + * Salesforce SSO configuration. + */ +export interface ClientUpdateAddonsSalesforce { + [key: string]: any | any; + /** + * Arbitrary logical URL that identifies the Saleforce resource. e.g. `https://acme-org.com`. + * + */ + entity_id?: string; +} +/** + * SAP API addon configuration. + */ +export interface ClientUpdateAddonsSapApi { + [key: string]: any | any; + /** + * If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_id must be set and equal the client_id form parameter of the access token request. + * + */ + clientid?: string; + /** + * Name of the property in the user object that maps to a SAP username. e.g. `email`. + * + */ + usernameAttribute?: string; + /** + * Your SAP OData server OAuth2 token endpoint URL. + * + */ + tokenEndpointUrl?: string; + /** + * Requested scope for SAP APIs. + * + */ + scope?: string; + /** + * Service account password to use to authenticate API calls to the token endpoint. + * + */ + servicePassword?: string; + /** + * NameID element of the Subject which can be used to express the user's identity. Defaults to `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`. + * + */ + nameIdentifierFormat?: string; +} /** * Defines client authentication methods. */ @@ -2787,6 +2875,30 @@ export interface ClientUpdateMobileIos { */ app_bundle_identifier?: string; } +/** + * Configure native social settings + */ +export interface ClientUpdateNativeSocialLogin { + /** + */ + apple?: ClientCreateNativeSocialLoginApple | null; + /** + */ + facebook?: ClientCreateNativeSocialLoginFacebook | null; + /** + */ + google?: ClientUpdateNativeSocialLoginGoogle | null; +} +/** + * Native Social Login support for the google-oauth2 connection + */ +export interface ClientUpdateNativeSocialLoginGoogle { + /** + * Determine whether or not to allow signing in natively using a Google ID token + * + */ + enabled?: boolean; +} /** * Configuration for OIDC backchannel logout */ @@ -2796,7 +2908,46 @@ export interface ClientUpdateOidcLogout { * */ backchannel_logout_urls?: Array; + /** + */ + backchannel_logout_initiators?: ClientUpdateOidcLogoutBackchannelLogoutInitiators; } +/** + * Configuration for OIDC backchannel logout initiators + */ +export interface ClientUpdateOidcLogoutBackchannelLogoutInitiators { + [key: string]: any | any; + /** + * The `mode` property determines the configuration method for enabling initiators. `custom` enables only the initiators listed in the selected_initiators array, `all` enables all current and future initiators. + * + */ + mode: ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum; + /** + */ + selected_initiators?: Array; +} + +export const ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum = { + custom: 'custom', + all: 'all', +} as const; +export type ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum = + (typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum)[keyof typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum]; + +export const ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum = { + rp_logout: 'rp-logout', + idp_logout: 'idp-logout', + password_changed: 'password-changed', + session_expired: 'session-expired', + session_revoked: 'session-revoked', + account_deleted: 'account-deleted', + email_identifier_changed: 'email-identifier-changed', + mfa_phone_unenrolled: 'mfa-phone-unenrolled', + account_deactivated: 'account-deactivated', +} as const; +export type ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum = + (typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum)[keyof typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum]; + /** * JWT-secured Authorization Requests (JAR) settings. */ @@ -8306,7 +8457,27 @@ export interface PatchClientGrantsByIdRequest { * */ scope?: Array; + /** + * Controls how organizations may be used with this grant + * + */ + organization_usage?: PatchClientGrantsByIdRequestOrganizationUsageEnum; + /** + * Controls allowing any organization to be used with this grant + * + */ + allow_any_organization?: boolean | null; } + +export const PatchClientGrantsByIdRequestOrganizationUsageEnum = { + deny: 'deny', + allow: 'allow', + require: 'require', + null: 'null', +} as const; +export type PatchClientGrantsByIdRequestOrganizationUsageEnum = + (typeof PatchClientGrantsByIdRequestOrganizationUsageEnum)[keyof typeof PatchClientGrantsByIdRequestOrganizationUsageEnum]; + /** * */