diff --git a/src/management/__generated/managers/clients-manager.ts b/src/management/__generated/managers/clients-manager.ts
index f012342e5..2ed8bb095 100644
--- a/src/management/__generated/managers/clients-manager.ts
+++ b/src/management/__generated/managers/clients-manager.ts
@@ -79,15 +79,18 @@ export class ClientsManager extends BaseAPI {
}
/**
- * Retrieve clients (applications and SSO integrations) matching provided filters. A list of fields to include or exclude
- * may also be specified. Note:
+ * Retrieve clients (applications and SSO integrations) matching provided filters. A list of fields to include or exclude may also be specified.
+ * For more information, read Applications in Auth0 and Single Sign-On.
+ *
*
* -
- *
client_id
, app_type
, name
, and description
can be retrieved with
- * any scope.
+ * The following can be retrieved with any scope:
+ * client_id
, app_type
, name
, and description
.
*
* -
- *
callbacks
, oidc_backchannel_logout
, allowed_origins
,
+ * The following properties can only be retrieved with the read:clients
or
+ * read:client_keys
scope:
+ * callbacks
, oidc_logout
, allowed_origins
,
* web_origins
, tenant
, global
, config_route
,
* callback_url_template
, jwt_configuration
,
* jwt_configuration.lifetime_in_seconds
, jwt_configuration.secret_encoded
,
@@ -100,14 +103,13 @@ export class ClientsManager extends BaseAPI {
* is_token_endpoint_ip_header_trusted
, initiate_login_uri
, grant_types
,
* refresh_token
, refresh_token.rotation_type
, refresh_token.expiration_type
,
* refresh_token.leeway
, refresh_token.token_lifetime
, organization_usage
,
- * organization_require_behavior
- * properties can only be retrieved with the read:clients
or
- * read:client_keys
scope.
+ * organization_require_behavior
.
*
* -
+ * The following properties can only be retrieved with the
+ *
read:client_keys
or read:client_credentials
scope:
* encryption_key
, encryption_key.pub
, encryption_key.cert
,
- * client_secret
, client_authentication_methods
and signing_key
properties can only be retrieved with the
- * read:client_keys
or read:client_credentials
scope.
+ * client_secret
, client_authentication_methods
and signing_key
.
*
*
*
@@ -148,6 +150,14 @@ export class ClientsManager extends BaseAPI {
key: 'include_totals',
config: {},
},
+ {
+ key: 'from',
+ config: {},
+ },
+ {
+ key: 'take',
+ config: {},
+ },
{
key: 'is_global',
config: {},
@@ -160,6 +170,14 @@ export class ClientsManager extends BaseAPI {
key: 'app_type',
config: {},
},
+ {
+ key: 'client_ids',
+ config: {},
+ },
+ {
+ key: 'q',
+ config: {},
+ },
]);
const response = await this.request(
@@ -175,14 +193,17 @@ export class ClientsManager extends BaseAPI {
}
/**
- * Retrieve client details. A list of fields to include or exclude may also be specified. Note:
+ * Retrieve client details by ID. Clients are SSO connections or Applications linked with your Auth0 tenant. A list of fields to include or exclude may also be specified.
+ * For more information, read Applications in Auth0 and Single Sign-On.
*
* -
- *
client_id
, app_type
, name
, and description
can be retrieved with
- * the any of the scopes.
+ * The following properties can be retrieved with any of the scopes:
+ * client_id
, app_type
, name
, and description
.
*
* -
- *
callbacks
, oidc_backchannel_logout
, allowed_origins
,
+ * The following properties can only be retrieved with the read:clients
or
+ * read:client_keys
scopes:
+ * callbacks
, oidc_logout
, allowed_origins
,
* web_origins
, tenant
, global
, config_route
,
* callback_url_template
, jwt_configuration
,
* jwt_configuration.lifetime_in_seconds
, jwt_configuration.secret_encoded
,
@@ -195,18 +216,16 @@ export class ClientsManager extends BaseAPI {
* is_token_endpoint_ip_header_trusted
, initiate_login_uri
, grant_types
,
* refresh_token
, refresh_token.rotation_type
, refresh_token.expiration_type
,
* refresh_token.leeway
, refresh_token.token_lifetime
, organization_usage
,
- * organization_require_behavior
- * properties can only be retrieved with the read:clients
or
- * read:client_keys
scope.
+ * organization_require_behavior
.
*
* -
+ * The following properties can only be retrieved with the
read:client_keys
or read:client_credentials
scopes:
* encryption_key
, encryption_key.pub
, encryption_key.cert
,
- * client_secret
, client_authentication_methods
and signing_key
properties can only be retrieved with the
- * read:client_keys
or read:client_credentials
scope.
+ * client_secret
, client_authentication_methods
and signing_key
.
*
*
*
- * Get a client
+ * Get client by ID
*
* @throws {RequiredError}
*/
@@ -298,6 +317,8 @@ export class ClientsManager extends BaseAPI {
}
/**
+ * Updates a client's settings. For more information, read Applications in Auth0 and Single Sign-On.
+ *
* Notes:
* - The `client_secret` and `signing_key` attributes can only be updated with the `update:client_keys` scope.
* - The client_authentication_methods
and token_endpoint_auth_method
properties are mutually exclusive. Use
@@ -371,7 +392,8 @@ export class ClientsManager extends BaseAPI {
}
/**
- * Create a new client (application or SSO integration).
+ * Create a new client (application or SSO integration). For more information, read Create Applications
+ * API Endpoints for Single Sign-On.
*
* Notes:
* - We recommend leaving the `client_secret` parameter unspecified to allow the generation of a safe secret.
diff --git a/src/management/__generated/managers/organizations-manager.ts b/src/management/__generated/managers/organizations-manager.ts
index 110db67f8..2b2d5ff2d 100644
--- a/src/management/__generated/managers/organizations-manager.ts
+++ b/src/management/__generated/managers/organizations-manager.ts
@@ -8,6 +8,7 @@ import type {
GetInvitations200Response,
GetInvitations200ResponseOneOfInner,
GetMembers200Response,
+ GetOrganizationClientGrants200Response,
GetOrganizationMemberRoles200Response,
GetOrganizations200Response,
GetOrganizations200ResponseOneOfInner,
@@ -23,6 +24,8 @@ import type {
GetInvitations200ResponseOneOf,
GetMembers200ResponseOneOf,
GetMembers200ResponseOneOfInner,
+ GetOrganizationClientGrants200ResponseOneOf,
+ GetOrganizationClientGrants200ResponseOneOfInner,
GetOrganizationMemberRoles200ResponseOneOf,
GetOrganizationMemberRoles200ResponseOneOfInner,
GetOrganizations200ResponseOneOf,
@@ -37,6 +40,7 @@ import type {
GetInvitationsByInvitationIdRequest,
GetMembersRequest,
GetNameByNameRequest,
+ GetOrganizationClientGrantsRequest,
GetOrganizationMemberRolesRequest,
GetOrganizationsRequest,
GetOrganizationsByIdRequest,
@@ -483,6 +487,70 @@ export class OrganizationsManager extends BaseAPI {
return runtime.JSONApiResponse.fromResponse(response);
}
+ /**
+ * Get client grants associated to an organization
+ *
+ * @throws {RequiredError}
+ */
+ async getOrganizationClientGrants(
+ requestParameters: GetOrganizationClientGrantsRequest & { include_totals: true },
+ initOverrides?: InitOverride
+ ): Promise>;
+ async getOrganizationClientGrants(
+ requestParameters?: GetOrganizationClientGrantsRequest,
+ initOverrides?: InitOverride
+ ): Promise>>;
+ async getOrganizationClientGrants(
+ requestParameters: GetOrganizationClientGrantsRequest,
+ initOverrides?: InitOverride
+ ): Promise> {
+ runtime.validateRequiredRequestParams(requestParameters, ['id']);
+
+ const queryParameters = runtime.applyQueryParams(requestParameters, [
+ {
+ key: 'audience',
+ config: {},
+ },
+ {
+ key: 'client_id',
+ config: {},
+ },
+ {
+ key: 'grant_ids',
+ config: {
+ isArray: true,
+ isCollectionFormatMulti: true,
+ },
+ },
+ {
+ key: 'page',
+ config: {},
+ },
+ {
+ key: 'per_page',
+ config: {},
+ },
+ {
+ key: 'include_totals',
+ config: {},
+ },
+ ]);
+
+ const response = await this.request(
+ {
+ path: `/organizations/{id}/client-grants`.replace(
+ '{id}',
+ encodeURIComponent(String(requestParameters.id))
+ ),
+ method: 'GET',
+ query: queryParameters,
+ },
+ initOverrides
+ );
+
+ return runtime.JSONApiResponse.fromResponse(response);
+ }
+
/**
* Get the roles assigned to an organization member
*
diff --git a/src/management/__generated/managers/resource-servers-manager.ts b/src/management/__generated/managers/resource-servers-manager.ts
index 689957943..15ad8931a 100644
--- a/src/management/__generated/managers/resource-servers-manager.ts
+++ b/src/management/__generated/managers/resource-servers-manager.ts
@@ -45,7 +45,7 @@ export class ResourceServersManager extends BaseAPI {
}
/**
- * Retrieve APIs (also known as resource servers) that you can consume from your authorized applications.
+ * Retrieve details of all APIs associated with your tenant.
* Get resource servers
*
* @throws {RequiredError}
@@ -63,6 +63,13 @@ export class ResourceServersManager extends BaseAPI {
initOverrides?: InitOverride
): Promise> {
const queryParameters = runtime.applyQueryParams(requestParameters, [
+ {
+ key: 'identifiers',
+ config: {
+ isArray: true,
+ isCollectionFormatMulti: true,
+ },
+ },
{
key: 'page',
config: {},
diff --git a/src/management/__generated/models/index.ts b/src/management/__generated/models/index.ts
index d534bdf92..92d3579ed 100644
--- a/src/management/__generated/models/index.ts
+++ b/src/management/__generated/models/index.ts
@@ -175,10 +175,13 @@ export interface Client {
initiate_login_uri: string;
/**
*/
- native_social_login: ClientNativeSocialLogin | null;
+ native_social_login: any | null;
/**
*/
refresh_token: ClientRefreshToken | null;
+ /**
+ */
+ default_organization: ClientDefaultOrganization | null;
/**
* Defines how to proceed during an authentication transaction with regards an organization. Can be `deny` (default), `allow` or `require`.
*
@@ -197,14 +200,14 @@ export interface Client {
*
*/
require_pushed_authorization_requests: boolean;
- /**
- */
- signed_request_object: ClientSignedRequestObject;
/**
* Makes the use of Proof-of-Possession mandatory for this client
*
*/
require_proof_of_possession: boolean;
+ /**
+ */
+ signed_request_object: ClientSignedRequestObject;
/**
* Defines the compliance level for this client, which may restrict it's capabilities
*
@@ -1174,10 +1177,10 @@ export interface ClientCreateAddons {
azure_sb?: ClientCreateAddonsAzureSb;
/**
*/
- rms?: ClientAddonsRms;
+ rms?: ClientCreateAddonsRms;
/**
*/
- mscrm?: ClientAddonsMscrm;
+ mscrm?: ClientCreateAddonsMscrm;
/**
*/
slack?: ClientAddonsSlack;
@@ -1442,6 +1445,17 @@ export interface ClientCreateAddonsFirebase {
*/
lifetime_in_seconds?: number;
}
+/**
+ * Microsoft Dynamics CRM SSO configuration.
+ */
+export interface ClientCreateAddonsMscrm {
+ [key: string]: any | any;
+ /**
+ * Microsoft Dynamics CRM application URL.
+ *
+ */
+ url: string;
+}
/**
* New Relic SSO configuration.
*/
@@ -1469,6 +1483,17 @@ export interface ClientCreateAddonsOffice365 {
*/
connection?: string;
}
+/**
+ * Active Directory Rights Management Service SSO configuration.
+ */
+export interface ClientCreateAddonsRms {
+ [key: string]: any | any;
+ /**
+ * URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.
+ *
+ */
+ url: string;
+}
/**
* Salesforce SSO configuration.
*/
@@ -2004,6 +2029,28 @@ export interface ClientCreateSignedRequestObject {
*/
credentials?: Array;
}
+/**
+ * Defines the default Organization ID and flows
+ */
+export interface ClientDefaultOrganization {
+ /**
+ * The default Organization ID to be used
+ *
+ */
+ organization_id: string;
+ /**
+ * The default Organization usage
+ *
+ */
+ flows: Array;
+}
+
+export const ClientDefaultOrganizationFlowsEnum = {
+ client_credentials: 'client_credentials',
+} as const;
+export type ClientDefaultOrganizationFlowsEnum =
+ (typeof ClientDefaultOrganizationFlowsEnum)[keyof typeof ClientDefaultOrganizationFlowsEnum];
+
/**
* Encryption used for WsFed responses with this client.
*/
@@ -2049,7 +2096,26 @@ export interface ClientGrant {
*
*/
scope: Array;
+ /**
+ * Defines whether organizations can be used with client credentials exchanges for this grant.
+ *
+ */
+ organization_usage: ClientGrantOrganizationUsageEnum;
+ /**
+ * If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations.
+ *
+ */
+ allow_any_organization: boolean;
}
+
+export const ClientGrantOrganizationUsageEnum = {
+ deny: 'deny',
+ allow: 'allow',
+ require: 'require',
+} as const;
+export type ClientGrantOrganizationUsageEnum =
+ (typeof ClientGrantOrganizationUsageEnum)[keyof typeof ClientGrantOrganizationUsageEnum];
+
/**
*
*/
@@ -2064,12 +2130,31 @@ export interface ClientGrantCreate {
*
*/
audience: string;
+ /**
+ * Defines whether organizations can be used with client credentials exchanges for this grant.
+ *
+ */
+ organization_usage?: ClientGrantCreateOrganizationUsageEnum;
+ /**
+ * If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations.
+ *
+ */
+ allow_any_organization?: boolean;
/**
* Scopes allowed for this client grant.
*
*/
scope: Array;
}
+
+export const ClientGrantCreateOrganizationUsageEnum = {
+ deny: 'deny',
+ allow: 'allow',
+ require: 'require',
+} as const;
+export type ClientGrantCreateOrganizationUsageEnum =
+ (typeof ClientGrantCreateOrganizationUsageEnum)[keyof typeof ClientGrantCreateOrganizationUsageEnum];
+
/**
* Configuration related to JWTs for the client.
*/
@@ -2150,47 +2235,55 @@ export interface ClientMobileIos {
app_bundle_identifier: string;
}
/**
- * Configure native social settings
- */
-export interface ClientNativeSocialLogin {
- /**
- */
- apple: ClientNativeSocialLoginApple | null;
- /**
- */
- facebook: ClientNativeSocialLoginFacebook | null;
-}
-/**
- * Native Social Login support for the Apple connection
+ * Configuration for OIDC backchannel logout
*/
-export interface ClientNativeSocialLoginApple {
+export interface ClientOidcLogout {
+ [key: string]: any | any;
/**
- * Determine whether or not to allow signing in natively using an Apple authorization code
+ * Comma-separated list of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
*
*/
- enabled: boolean;
-}
-/**
- * Native Social Login support for the Facebook connection
- */
-export interface ClientNativeSocialLoginFacebook {
+ backchannel_logout_urls: Array;
/**
- * Determine whether or not to allow signing in natively using Facebook
- *
*/
- enabled: boolean;
+ backchannel_logout_initiators: ClientOidcLogoutBackchannelLogoutInitiators;
}
/**
- * Configuration for OIDC backchannel logout
+ * Configuration for OIDC backchannel logout initiators
*/
-export interface ClientOidcLogout {
+export interface ClientOidcLogoutBackchannelLogoutInitiators {
[key: string]: any | any;
/**
- * Comma-separated list of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.
+ * The `mode` property determines the configuration method for enabling initiators. `custom` enables only the initiators listed in the selected_initiators array, `all` enables all current and future initiators.
*
*/
- backchannel_logout_urls: Array;
+ mode: ClientOidcLogoutBackchannelLogoutInitiatorsModeEnum;
+ /**
+ */
+ selected_initiators: Array;
}
+
+export const ClientOidcLogoutBackchannelLogoutInitiatorsModeEnum = {
+ custom: 'custom',
+ all: 'all',
+} as const;
+export type ClientOidcLogoutBackchannelLogoutInitiatorsModeEnum =
+ (typeof ClientOidcLogoutBackchannelLogoutInitiatorsModeEnum)[keyof typeof ClientOidcLogoutBackchannelLogoutInitiatorsModeEnum];
+
+export const ClientOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum = {
+ rp_logout: 'rp-logout',
+ idp_logout: 'idp-logout',
+ password_changed: 'password-changed',
+ session_expired: 'session-expired',
+ session_revoked: 'session-revoked',
+ account_deleted: 'account-deleted',
+ email_identifier_changed: 'email-identifier-changed',
+ mfa_phone_unenrolled: 'mfa-phone-unenrolled',
+ account_deactivated: 'account-deactivated',
+} as const;
+export type ClientOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum =
+ (typeof ClientOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum)[keyof typeof ClientOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum];
+
/**
* Refresh token configuration
*/
@@ -2424,10 +2517,13 @@ export interface ClientUpdate {
initiate_login_uri?: string;
/**
*/
- native_social_login?: ClientCreateNativeSocialLogin | null;
+ native_social_login?: ClientUpdateNativeSocialLogin | null;
/**
*/
refresh_token?: ClientRefreshToken | null;
+ /**
+ */
+ default_organization?: ClientDefaultOrganization | null;
/**
* Defines how to proceed during an authentication transaction with regards an organization. Can be `deny` (default), `allow` or `require`.
*
@@ -2446,14 +2542,14 @@ export interface ClientUpdate {
*
*/
require_pushed_authorization_requests?: boolean;
- /**
- */
- signed_request_object?: ClientUpdateSignedRequestObject | null;
/**
* Makes the use of Proof-of-Possession mandatory for this client
*
*/
require_proof_of_possession?: boolean;
+ /**
+ */
+ signed_request_object?: ClientUpdateSignedRequestObject | null;
/**
* Defines the compliance level for this client, which may restrict it's capabilities
*
@@ -2585,7 +2681,7 @@ export interface ClientUpdateAddons {
office365?: ClientCreateAddonsOffice365;
/**
*/
- salesforce?: ClientCreateAddonsSalesforce;
+ salesforce?: ClientUpdateAddonsSalesforce;
/**
*/
salesforce_api?: ClientCreateAddonsSalesforceApi;
@@ -2600,7 +2696,7 @@ export interface ClientUpdateAddons {
layer?: ClientAddonsLayer;
/**
*/
- sap_api?: ClientCreateAddonsSapApi;
+ sap_api?: ClientUpdateAddonsSapApi;
/**
*/
sharepoint?: ClientCreateAddonsSharepoint;
@@ -2630,6 +2726,53 @@ export interface ClientUpdateAddons {
*/
oag?: object | null;
}
+/**
+ * Salesforce SSO configuration.
+ */
+export interface ClientUpdateAddonsSalesforce {
+ [key: string]: any | any;
+ /**
+ * Arbitrary logical URL that identifies the Saleforce resource. e.g. `https://acme-org.com`.
+ *
+ */
+ entity_id?: string;
+}
+/**
+ * SAP API addon configuration.
+ */
+export interface ClientUpdateAddonsSapApi {
+ [key: string]: any | any;
+ /**
+ * If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_id must be set and equal the client_id form parameter of the access token request.
+ *
+ */
+ clientid?: string;
+ /**
+ * Name of the property in the user object that maps to a SAP username. e.g. `email`.
+ *
+ */
+ usernameAttribute?: string;
+ /**
+ * Your SAP OData server OAuth2 token endpoint URL.
+ *
+ */
+ tokenEndpointUrl?: string;
+ /**
+ * Requested scope for SAP APIs.
+ *
+ */
+ scope?: string;
+ /**
+ * Service account password to use to authenticate API calls to the token endpoint.
+ *
+ */
+ servicePassword?: string;
+ /**
+ * NameID element of the Subject which can be used to express the user's identity. Defaults to `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`.
+ *
+ */
+ nameIdentifierFormat?: string;
+}
/**
* Defines client authentication methods.
*/
@@ -2732,6 +2875,30 @@ export interface ClientUpdateMobileIos {
*/
app_bundle_identifier?: string;
}
+/**
+ * Configure native social settings
+ */
+export interface ClientUpdateNativeSocialLogin {
+ /**
+ */
+ apple?: ClientCreateNativeSocialLoginApple | null;
+ /**
+ */
+ facebook?: ClientCreateNativeSocialLoginFacebook | null;
+ /**
+ */
+ google?: ClientUpdateNativeSocialLoginGoogle | null;
+}
+/**
+ * Native Social Login support for the google-oauth2 connection
+ */
+export interface ClientUpdateNativeSocialLoginGoogle {
+ /**
+ * Determine whether or not to allow signing in natively using a Google ID token
+ *
+ */
+ enabled?: boolean;
+}
/**
* Configuration for OIDC backchannel logout
*/
@@ -2741,7 +2908,46 @@ export interface ClientUpdateOidcLogout {
*
*/
backchannel_logout_urls?: Array;
+ /**
+ */
+ backchannel_logout_initiators?: ClientUpdateOidcLogoutBackchannelLogoutInitiators;
+}
+/**
+ * Configuration for OIDC backchannel logout initiators
+ */
+export interface ClientUpdateOidcLogoutBackchannelLogoutInitiators {
+ [key: string]: any | any;
+ /**
+ * The `mode` property determines the configuration method for enabling initiators. `custom` enables only the initiators listed in the selected_initiators array, `all` enables all current and future initiators.
+ *
+ */
+ mode: ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum;
+ /**
+ */
+ selected_initiators?: Array;
}
+
+export const ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum = {
+ custom: 'custom',
+ all: 'all',
+} as const;
+export type ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum =
+ (typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum)[keyof typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsModeEnum];
+
+export const ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum = {
+ rp_logout: 'rp-logout',
+ idp_logout: 'idp-logout',
+ password_changed: 'password-changed',
+ session_expired: 'session-expired',
+ session_revoked: 'session-revoked',
+ account_deleted: 'account-deleted',
+ email_identifier_changed: 'email-identifier-changed',
+ mfa_phone_unenrolled: 'mfa-phone-unenrolled',
+ account_deactivated: 'account-deactivated',
+} as const;
+export type ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum =
+ (typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum)[keyof typeof ClientUpdateOidcLogoutBackchannelLogoutInitiatorsSelectedInitiatorsEnum];
+
/**
* JWT-secured Authorization Requests (JAR) settings.
*/
@@ -4903,7 +5109,10 @@ export interface GetClientGrants200ResponseOneOf {
/**
*
*/
-export type GetClients200Response = Array | GetClients200ResponseOneOf;
+export type GetClients200Response =
+ | Array
+ | GetClients200ResponseOneOf
+ | GetClients200ResponseOneOf1;
/**
*
*/
@@ -4921,6 +5130,17 @@ export interface GetClients200ResponseOneOf {
*/
clients: Array;
}
+/**
+ *
+ */
+export interface GetClients200ResponseOneOf1 {
+ /**
+ */
+ next: string;
+ /**
+ */
+ clients: Array;
+}
/**
*
*/
@@ -6292,6 +6512,54 @@ export const GetMessageTypes200ResponseMessageTypesEnum = {
export type GetMessageTypes200ResponseMessageTypesEnum =
(typeof GetMessageTypes200ResponseMessageTypesEnum)[keyof typeof GetMessageTypes200ResponseMessageTypesEnum];
+/**
+ *
+ */
+export type GetOrganizationClientGrants200Response =
+ | Array
+ | GetOrganizationClientGrants200ResponseOneOf;
+/**
+ *
+ */
+export interface GetOrganizationClientGrants200ResponseOneOf {
+ /**
+ */
+ start: number;
+ /**
+ */
+ limit: number;
+ /**
+ */
+ total: number;
+ /**
+ */
+ grants: Array;
+}
+/**
+ *
+ */
+export interface GetOrganizationClientGrants200ResponseOneOfInner {
+ /**
+ * ID of the client grant.
+ *
+ */
+ id: string;
+ /**
+ * ID of the client.
+ *
+ */
+ client_id: string;
+ /**
+ * The audience (API identifier) of this client grant
+ *
+ */
+ audience: string;
+ /**
+ * Scopes allowed for this client grant.
+ *
+ */
+ scope: Array;
+}
/**
*
*/
@@ -8189,7 +8457,27 @@ export interface PatchClientGrantsByIdRequest {
*
*/
scope?: Array;
+ /**
+ * Controls how organizations may be used with this grant
+ *
+ */
+ organization_usage?: PatchClientGrantsByIdRequestOrganizationUsageEnum;
+ /**
+ * Controls allowing any organization to be used with this grant
+ *
+ */
+ allow_any_organization?: boolean | null;
}
+
+export const PatchClientGrantsByIdRequestOrganizationUsageEnum = {
+ deny: 'deny',
+ allow: 'allow',
+ require: 'require',
+ null: 'null',
+} as const;
+export type PatchClientGrantsByIdRequestOrganizationUsageEnum =
+ (typeof PatchClientGrantsByIdRequestOrganizationUsageEnum)[keyof typeof PatchClientGrantsByIdRequestOrganizationUsageEnum];
+
/**
*
*/
@@ -13467,6 +13755,16 @@ export interface GetClientsRequest {
*
*/
include_totals?: boolean;
+ /**
+ * Optional Id from which to start selection.
+ *
+ */
+ from?: string;
+ /**
+ * Number of results per page. Defaults to 50.
+ *
+ */
+ take?: number;
/**
* Optional filter on the global client parameter.
*
@@ -13482,6 +13780,16 @@ export interface GetClientsRequest {
*
*/
app_type?: string;
+ /**
+ * A comma separated list of client_ids used to filter the returned clients
+ *
+ */
+ client_ids?: string;
+ /**
+ * Query in Lucene query string syntax.
+ *
+ */
+ q?: string;
}
/**
*
@@ -14665,6 +14973,46 @@ export interface GetNameByNameRequest {
*/
name: string;
}
+/**
+ *
+ */
+export interface GetOrganizationClientGrantsRequest {
+ /**
+ * Organization identifier
+ *
+ */
+ id: string;
+ /**
+ * Optional filter on audience of the client grant.
+ *
+ */
+ audience?: string;
+ /**
+ * Optional filter on client_id of the client grant.
+ *
+ */
+ client_id?: string;
+ /**
+ * A list of grant ids, which will filter the results.
+ *
+ */
+ grant_ids?: Array;
+ /**
+ * Page index of the results to return. First page is 0.
+ *
+ */
+ page?: number;
+ /**
+ * Number of results per page. Defaults to 50.
+ *
+ */
+ per_page?: number;
+ /**
+ * Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).
+ *
+ */
+ include_totals?: boolean;
+}
/**
*
*/
@@ -15118,13 +15466,18 @@ export interface DeleteResourceServersByIdRequest {
*
*/
export interface GetResourceServersRequest {
+ /**
+ * A list of URI encoded identifiers to filter the results by. Consider URL limits when using this parameter, if the URL is too long, consider chunking the requests
+ *
+ */
+ identifiers?: Array;
/**
* Page index of the results to return. First page is 0.
*
*/
page?: number;
/**
- * Number of results per page. Paging is disabled if parameter not sent.
+ * Number of results per page.
*
*/
per_page?: number;
diff --git a/test/management/client.test.ts b/test/management/client.test.ts
index 8bfca27f0..c0518df8a 100644
--- a/test/management/client.test.ts
+++ b/test/management/client.test.ts
@@ -12,6 +12,7 @@ import {
PostCredentialsOperationRequest,
PostCredentialsRequest,
ManagementClient,
+ GetClientsRequest,
} from '../../src/index.js';
import { RequiredError } from '../../src/lib/errors.js';
@@ -138,16 +139,25 @@ describe('ClientsManager', () => {
it('should pass the parameters in the query-string', (done) => {
nock.cleanAll();
+ const queryParameters: GetClientsRequest | any = {
+ fields: 'name,email',
+ include_fields: true,
+ page: 0,
+ per_page: 50,
+ include_totals: false,
+ from: '12345',
+ take: 50,
+ is_global: true,
+ is_first_party: false,
+ app_type: 'web,mobile',
+ client_ids: 'client1,client2,client3',
+ q: 'name:John AND email:john@example.com',
+ };
+
const data = [{ client_id: '1' }];
- const request = nock(API_URL)
- .get('/clients')
- .query({
- include_fields: true,
- fields: 'test',
- })
- .reply(200, data);
+ const request = nock(API_URL).get('/clients').query(queryParameters).reply(200, data);
- clients.getAll({ include_fields: true, fields: 'test' }).then(() => {
+ clients.getAll({ ...queryParameters }).then(() => {
expect(request.isDone()).toBe(true);
done();
});
diff --git a/test/management/organizations.test.ts b/test/management/organizations.test.ts
index 248c184c2..1ad799bce 100644
--- a/test/management/organizations.test.ts
+++ b/test/management/organizations.test.ts
@@ -2,7 +2,14 @@ import nock from 'nock';
const API_URL = 'https://tenant.auth0.com/api/v2';
-import { OrganizationsManager, ManagementClient, RequiredError } from '../../src/index.js';
+import {
+ OrganizationsManager,
+ ManagementClient,
+ RequiredError,
+ GetOrganizationClientGrantsRequest,
+ GetOrganizationClientGrants200Response,
+ ApiResponse,
+} from '../../src/index.js';
describe('OrganizationsManager', () => {
let organizations: OrganizationsManager;
@@ -1386,4 +1393,85 @@ describe('OrganizationsManager', () => {
});
});
});
+
+ describe('#getOrganizationClientGrants', () => {
+ const token = 'test_token';
+
+ const data: GetOrganizationClientGrantsRequest | any = {
+ id: 'org_123',
+ audience: 'audience',
+ client_id: 'client_id',
+ grant_ids: ['grant_id1', 'grant_id2'],
+ page: 1,
+ per_page: 10,
+ include_totals: true,
+ };
+
+ beforeEach(() => {
+ request = nock(API_URL)
+ .get(`/organizations/${data.id}/client-grants`)
+ .query({
+ audience: data.audience,
+ client_id: data.client_id,
+ grant_ids: data.grant_ids,
+ page: data.page,
+ per_page: data.per_page,
+ include_totals: data.include_totals,
+ })
+ .reply(200, { grants: [] });
+ });
+
+ afterEach(() => {
+ nock.cleanAll();
+ });
+
+ it('should return a promise if no callback is given', async () => {
+ const promise = organizations.getOrganizationClientGrants(data);
+ expect(promise).toBeInstanceOf(Promise);
+ await promise;
+ });
+
+ it('should perform a GET request to /api/v2/organizations/:id/client-grants', async () => {
+ await organizations.getOrganizationClientGrants(data);
+ expect(request.isDone()).toBe(true);
+ });
+
+ it('should include the token in the Authorization header', async () => {
+ nock(API_URL, {
+ reqheaders: {
+ authorization: `Bearer ${token}`,
+ },
+ })
+ .get(`/organizations/${data.id}/client-grants`)
+ .query({
+ audience: data.audience,
+ client_id: data.client_id,
+ grant_ids: data.grant_ids,
+ page: data.page,
+ per_page: data.per_page,
+ include_totals: data.include_totals,
+ })
+ .reply(200, { grants: [] });
+
+ const result: ApiResponse =
+ await organizations.getOrganizationClientGrants(data);
+ expect(result.status).toBe(200);
+ });
+
+ it('should pass the query parameters correctly', async () => {
+ await organizations.getOrganizationClientGrants(data);
+ expect(request.isDone()).toBe(true);
+ });
+
+ it('should pass any errors to the promise catch handler', async () => {
+ request = nock(API_URL)
+ .get(`/organizations/${data.id}/client-grants`)
+ .query(true)
+ .reply(500, {});
+
+ organizations.getOrganizationClientGrants(data).catch((err) => {
+ expect(err).toBeDefined();
+ });
+ });
+ });
});
diff --git a/test/management/resource-servers.test.ts b/test/management/resource-servers.test.ts
index 118710038..0be3df254 100644
--- a/test/management/resource-servers.test.ts
+++ b/test/management/resource-servers.test.ts
@@ -1,4 +1,5 @@
import nock from 'nock';
+import queryString from 'querystring';
const API_URL = 'https://tenant.auth0.com/api/v2';
@@ -81,18 +82,25 @@ describe('ResourceServersManager', () => {
});
});
- it('should include the token in the Authorization header', (done) => {
+ it('should include the token in the Authorization header', async () => {
nock.cleanAll();
+ const queryParams = {
+ identifiers: ['123'],
+ page: 0,
+ per_page: 10,
+ include_totals: true,
+ include_fields: true,
+ };
+
const request = nock(API_URL)
- .get('/resource-servers')
+ .get(`/resource-servers?${queryString.stringify(queryParams)}`)
.matchHeader('Authorization', `Bearer ${token}`)
+ // .query(queryParams)
.reply(200, []);
- resourceServers.getAll().then(() => {
- expect(request.isDone()).toBe(true);
- done();
- });
+ await resourceServers.getAll(queryParams);
+ expect(request.isDone()).toBe(true);
});
});