diff --git a/src/components/ImageGallery.tsx b/src/components/ImageGallery.tsx new file mode 100644 index 0000000..ac474d0 --- /dev/null +++ b/src/components/ImageGallery.tsx @@ -0,0 +1,71 @@ +import { useState } from "react" +import { Card, CardBody, Modal, ModalContent, ModalBody, Button } from "@heroui/react" + +interface ImageGalleryProps { + images: string[] + columns?: 2 | 3 +} + +export default function ImageGallery({ images, columns = 3 }: ImageGalleryProps) { + const [selectedImage, setSelectedImage] = useState(null) + + if (!images || images.length === 0) { + return null + } + + const gridCols = columns === 2 ? "grid-cols-2" : "grid-cols-2 md:grid-cols-3" + + return ( + <> +
+ {images.map((image, index) => ( + setSelectedImage(image)} + > + + {`Image + + + ))} +
+ + {/* Image Modal */} + setSelectedImage(null)} + size="4xl" + scrollBehavior="inside" + > + + + {selectedImage && ( +
+ Full size + +
+ )} + + + + + ) +} diff --git a/src/pages/repair/EditRepairModal.tsx b/src/pages/repair/EditRepairModal.tsx index 1657233..cf495db 100644 --- a/src/pages/repair/EditRepairModal.tsx +++ b/src/pages/repair/EditRepairModal.tsx @@ -1,5 +1,5 @@ -import { useState, useEffect } from "react" -import { Modal, ModalContent, ModalHeader, ModalBody, ModalFooter, Button, Input, Textarea } from "@heroui/react" +import { useState, useEffect, useRef } from "react" +import { Modal, ModalContent, ModalHeader, ModalBody, ModalFooter, Button, Input, Textarea, Card, CardBody } from "@heroui/react" import { saturdayClient } from "../../utils/client" import { makeLogtoClient } from "../../utils/auth" import type { components } from "../../types/saturday" @@ -21,15 +21,19 @@ export default function EditRepairModal({ isOpen, onClose, event, onSaved }: Edi model: "", phone: "", qq: "", + images: [], }) + const [uploadError, setUploadError] = useState("") + const fileInputRef = useRef(null) useEffect(() => { if (event) { setFormData({ problem: event.problem || "", model: event.model || "", - phone: event.phone || "", - qq: event.qq || "", + phone: "", + qq: "", + images: event.images || [], }) } }, [event]) @@ -74,6 +78,72 @@ export default function EditRepairModal({ isOpen, onClose, event, onSaved }: Edi } } + const handleImageSelect = async (e: React.ChangeEvent) => { + const files = e.target.files + if (!files || files.length === 0) return + + setUploadError("") + const newImages: string[] = [] + const logtoToken = await makeLogtoClient().getAccessToken() + + for (let i = 0; i < files.length; i++) { + const file = files[i] + + // Validate file type + if (!file.type.startsWith("image/")) { + continue + } + + // Validate file size (max 10MB) + if (file.size > 10 * 1024 * 1024) { + setUploadError(`图片 ${file.name} 超过10MB大小限制`) + continue + } + + // Upload to server + try { + const formDataUpload = new FormData() + formDataUpload.append("file", file) + + const { data, error } = await saturdayClient.POST("/upload", { + params: { + header: { + Authorization: `Bearer ${logtoToken}`, + }, + }, + body: formDataUpload as unknown as { file: string }, + bodySerializer: () => formDataUpload as unknown as string, + }) + + if (error || !data) { + throw new Error("Upload failed") + } + + newImages.push(data.url) + } + catch (error) { + console.error("Failed to upload image:", error) + setUploadError(`图片 ${file.name} 上传失败`) + } + } + + setFormData({ + ...formData, + images: [...(formData.images || []), ...newImages], + }) + + // Reset file input + if (fileInputRef.current) { + fileInputRef.current.value = "" + } + } + + const handleRemoveImage = (index: number) => { + const newImages = [...(formData.images || [])] + newImages.splice(index, 1) + setFormData({ ...formData, images: newImages }) + } + return ( @@ -114,6 +184,63 @@ export default function EditRepairModal({ isOpen, onClose, event, onSaved }: Edi value={formData.qq || ""} onChange={e => setFormData({ ...formData, qq: e.target.value })} /> + + {/* Image Upload Section */} +
+
+ 问题图片 + + (可选,最多5张,每张最大10MB) + +
+ {uploadError && ( +
{uploadError}
+ )} +
+ + + + {formData.images && formData.images.length > 0 && ( +
+ {formData.images.map((image, index) => ( + + + {`Preview + + + + ))} +
+ )} +
+
diff --git a/src/pages/repair/EventAction.tsx b/src/pages/repair/EventAction.tsx index fa59011..7952a4b 100644 --- a/src/pages/repair/EventAction.tsx +++ b/src/pages/repair/EventAction.tsx @@ -2,8 +2,8 @@ import type { UserInfoResponse } from "@logto/browser" import type { PublicMember } from "../../store/member" import { EventStatus, type PublicEvent, type RepairEvent } from "../../types/event" import { saturdayClient } from "../../utils/client" -import { Button, Form, Select, SelectItem, Textarea } from "@heroui/react" -import { useEffect, useState } from "react" +import { Button, Form, Select, SelectItem, Textarea, Card, CardBody } from "@heroui/react" +import { useEffect, useState, useRef } from "react" export type IdentityContext = { member: PublicMember @@ -39,13 +39,82 @@ const EventActionCommitForm = (props: { formData: { size: string description: string + images?: string[] } setFormData: (data: { size: string description: string + images?: string[] }) => void + identityContext: IdentityContext }) => { const { formData, setFormData } = props + const fileInputRef = useRef(null) + + const handleImageSelect = async (e: React.ChangeEvent) => { + const files = e.target.files + if (!files || files.length === 0) return + + const newImages: string[] = [] + + for (let i = 0; i < files.length; i++) { + const file = files[i] + + // Validate file type + if (!file.type.startsWith("image/")) { + continue + } + + // Validate file size (max 10MB as per API spec) + if (file.size > 10 * 1024 * 1024) { + alert(`图片 ${file.name} 超过10MB大小限制`) + continue + } + + // Upload to server + try { + const formDataUpload = new FormData() + formDataUpload.append("file", file) + + const { data, error } = await saturdayClient.POST("/upload", { + params: { + header: { + Authorization: `Bearer ${props.identityContext.token}`, + }, + }, + body: formDataUpload as unknown as { file: string }, + bodySerializer: () => formDataUpload as unknown as string, + }) + + if (error || !data) { + throw new Error("Upload failed") + } + + newImages.push(data.url) + } + catch (error) { + console.error("Failed to upload image:", error) + alert(`图片 ${file.name} 上传失败`) + } + } + + setFormData({ + ...formData, + images: [...(formData.images || []), ...newImages], + }) + + // Reset file input + if (fileInputRef.current) { + fileInputRef.current.value = "" + } + } + + const handleRemoveImage = (index: number) => { + const newImages = [...(formData.images || [])] + newImages.splice(index, 1) + setFormData({ ...formData, images: newImages }) + } + return (
+ + + {formData.images && formData.images.length > 0 && ( +
+ {formData.images.map((image, index) => ( + + + {`Preview + + + + ))} +
+ )} + +
) } export const EventActionCommit = (props: EventActionProps) => { - const [formData, setFormData] = useState({ + const [formData, setFormData] = useState<{ + size: string + description: string + images?: string[] + }>({ size: "", description: "", + images: [], }) useEffect(() => { @@ -99,6 +228,7 @@ export const EventActionCommit = (props: EventActionProps) => { setFormData({ size: props.event.size || "", description: description || "", + images: [], }) }, [props.event]) @@ -116,6 +246,7 @@ export const EventActionCommit = (props: EventActionProps) => { body: { size: formData.size, content: formData.description, + images: formData.images, }, }) props.onLoading() @@ -126,6 +257,7 @@ export const EventActionCommit = (props: EventActionProps) => { - - + <> +
+ {/* Client Action Buttons */} + {canModify && ( +
+ + +
+ )} +
+ + {/* Edit Modal */} + {event && ( + )} - + + {/* Cancel Confirmation Modal */} + + + 确认取消维修预约 + +

你确定要取消这个维修预约吗?此操作无法撤销。

+ {event && ( +
+

#{event.eventId}

+

{event.problem}

+
+ )} + + + + + + + + ) }} - - {/* Edit Modal */} - {event && ( - - )} - - {/* Cancel Confirmation Modal */} - - - 确认取消维修预约 - -

你确定要取消这个维修预约吗?此操作无法撤销。

- {event && ( -
-

#{event.eventId}

-

{event.problem}

-
- )} - - - - - - - ) diff --git a/src/pages/repair/TicketForm.tsx b/src/pages/repair/TicketForm.tsx index 5b03089..7b3582f 100644 --- a/src/pages/repair/TicketForm.tsx +++ b/src/pages/repair/TicketForm.tsx @@ -1,7 +1,7 @@ -import { useEffect, useState } from "react" +import { useEffect, useState, useRef } from "react" import { makeLogtoClient } from "../../utils/auth" import type { UserInfoResponse } from "@logto/browser" -import { Alert, Form, Input, Button, Textarea } from "@heroui/react" +import { Alert, Form, Input, Button, Textarea, Card, CardBody } from "@heroui/react" import { saturdayClient } from "../../utils/client" import { safe } from "../../utils/safe" @@ -10,6 +10,7 @@ type TicketFormData = { phone?: string qq?: string description?: string + images?: string[] // image URLs from upload endpoint } type FormError = { @@ -48,6 +49,7 @@ function TicketForm(props: { const [submissionState, setSubmissionState] = useState("idle") const [formData, setFormData] = useState({}) const [errors, setErrors] = useState([]) + const fileInputRef = useRef(null) // Form persistence useEffect(() => { @@ -134,6 +136,71 @@ function TicketForm(props: { }) } + const handleImageSelect = async (e: React.ChangeEvent) => { + const files = e.target.files + if (!files || files.length === 0) return + + const newImages: string[] = [] + const logtoToken = await makeLogtoClient().getAccessToken() + + for (let i = 0; i < files.length; i++) { + const file = files[i] + + // Validate file type + if (!file.type.startsWith("image/")) { + continue + } + + // Validate file size (max 10MB as per API spec) + if (file.size > 10 * 1024 * 1024) { + setErrors([{ message: `图片 ${file.name} 超过10MB大小限制`, type: "validation" }]) + continue + } + + // Upload to server + try { + const formDataUpload = new FormData() + formDataUpload.append("file", file) + + const { data, error } = await saturdayClient.POST("/upload", { + params: { + header: { + Authorization: `Bearer ${logtoToken}`, + }, + }, + body: formDataUpload as unknown as { file: string }, + bodySerializer: () => formDataUpload as unknown as string, + }) + + if (error || !data) { + throw new Error("Upload failed") + } + + newImages.push(data.url) + } + catch (error) { + console.error("Failed to upload image:", error) + setErrors([{ message: `图片 ${file.name} 上传失败`, type: "network" }]) + } + } + + setFormData({ + ...formData, + images: [...(formData.images || []), ...newImages], + }) + + // Reset file input + if (fileInputRef.current) { + fileInputRef.current.value = "" + } + } + + const handleRemoveImage = (index: number) => { + const newImages = [...(formData.images || [])] + newImages.splice(index, 1) + setFormData({ ...formData, images: newImages }) + } + return (
{ @@ -227,6 +294,61 @@ function TicketForm(props: { description="填写设备型号,帮助我们更快的定位问题" /> + + {/* Image Upload Section */} +
+
+ 问题图片 + + (可选,最多5张,每张最大10MB) + +
+
+ + + + {formData.images && formData.images.length > 0 && ( +
+ {formData.images.map((image, index) => ( + + + {`Preview + + + + ))} +
+ )} +
+
+
联系方式
@@ -303,6 +425,7 @@ export default function App() { model: formData.model, phone: formData.phone, qq: formData.qq, + images: formData.images, }, }) // Update URL with eventId to persist the ticket status diff --git a/src/types/logto.d.ts b/src/types/logto.d.ts new file mode 100644 index 0000000..7ce182c --- /dev/null +++ b/src/types/logto.d.ts @@ -0,0 +1,29244 @@ +/** + * This file was auto-generated by openapi-typescript. + * Do not make direct changes to the file. + */ + +export interface paths { + "/api/applications": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get applications + * @description Get applications that match the given query with pagination. + */ + get: operations["ListApplications"] + put?: never + /** + * Create an application + * @description Create a new application with the given data. + */ + post: operations["CreateApplication"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get application + * @description Get application details by ID. + */ + get: operations["GetApplication"] + put?: never + post?: never + /** + * Delete application + * @description Delete application by ID. + */ + delete: operations["DeleteApplication"] + options?: never + head?: never + /** + * Update application + * @description Update application details by ID with the given data. + */ + patch: operations["UpdateApplication"] + trace?: never + } + "/api/applications/{applicationId}/custom-data": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update application custom data + * @description Update the custom data of an application. + */ + patch: operations["UpdateApplicationCustomData"] + trace?: never + } + "/api/applications/{applicationId}/roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get application API resource roles + * @description Get API resource roles assigned to the specified application with pagination. + */ + get: operations["ListApplicationRoles"] + /** + * Update API resource roles for application + * @description Update API resource roles assigned to the specified application. This will replace the existing API resource roles. + */ + put: operations["ReplaceApplicationRoles"] + /** + * Assign API resource roles to application + * @description Assign API resource roles to the specified application. The API resource roles will be added to the existing API resource roles. + */ + post: operations["AssignApplicationRoles"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{applicationId}/roles/{roleId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove a API resource role from application + * @description Remove a API resource role from the specified application. + */ + delete: operations["DeleteApplicationRole"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}/protected-app-metadata/custom-domains": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get application custom domains. + * @description Get custom domains of the specified application, the application type should be protected app. + */ + get: operations["ListApplicationProtectedAppMetadataCustomDomains"] + put?: never + /** + * Add a custom domain to the application. + * @description Add a custom domain to the application. You'll need to setup DNS record later. + */ + post: operations["CreateApplicationProtectedAppMetadataCustomDomain"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}/protected-app-metadata/custom-domains/{domain}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove custom domain. + * @description Remove custom domain from the specified application. + */ + delete: operations["DeleteApplicationProtectedAppMetadataCustomDomain"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}/organizations": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get application organizations + * @description Get the list of organizations that an application is associated with. + */ + get: operations["ListApplicationOrganizations"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}/legacy-secret": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete application legacy secret + * @description Delete the legacy secret for the application and replace it with a new internal secret. + * + * Note: This operation does not "really" delete the legacy secret because it is still needed for internal validation. We may remove the display of the legacy secret (the `secret` field in the application response) in the future. + */ + delete: operations["DeleteApplicationLegacySecret"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}/secrets": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get application secrets + * @description Get all the secrets for the application. + */ + get: operations["ListApplicationSecrets"] + put?: never + /** + * Add application secret + * @description Add a new secret for the application. + */ + post: operations["CreateApplicationSecret"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}/secrets/{name}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete application secret + * @description Delete a secret for the application by name. + */ + delete: operations["DeleteApplicationSecret"] + options?: never + head?: never + /** + * Update application secret + * @description Update a secret for the application by name. + */ + patch: operations["UpdateApplicationSecret"] + trace?: never + } + "/api/applications/{applicationId}/user-consent-scopes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * List all the user consent scopes of an application. + * @description List all the user consent scopes of an application by application id + */ + get: operations["ListApplicationUserConsentScopes"] + put?: never + /** + * Assign user consent scopes to application. + * @description Assign the user consent scopes to an application by application id + */ + post: operations["CreateApplicationUserConsentScope"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{applicationId}/user-consent-scopes/{scopeType}/{scopeId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove user consent scope from application. + * @description Remove the user consent scope from an application by application id, scope type and scope id + */ + delete: operations["DeleteApplicationUserConsentScope"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{applicationId}/sign-in-experience": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get the application level sign-in experience + * @description Get application level sign-in experience for a given application. + * - Only branding properties and terms links customization is supported for now. + * + * - Only third-party applications can have the sign-in experience customization for now. + */ + get: operations["GetApplicationSignInExperience"] + /** + * Update application level sign-in experience + * @description Update application level sign-in experience for the specified application. Create a new sign-in experience if it does not exist. + * - Only branding properties and terms links customization is supported for now. + * + * - Only third-party applications can be customized for now. + * + * - Application level sign-in experience customization is optional, if provided, it will override the default branding and terms links. + */ + put: operations["ReplaceApplicationSignInExperience"] + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}/users/{userId}/consent-organizations": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * List all the user consented organizations of a application. + * @description List all the user consented organizations for a application by application id and user id. + */ + get: operations["ListApplicationUserConsentOrganizations"] + /** + * Grant a list of organization access of a user for a application. + * @description Grant a list of organization access of a user for a application by application id and user id.
The user must be a member of all the organizations.
Only third-party application needs to be granted access to organizations, all the other applications can request for all the organizations' access by default. + */ + put: operations["ReplaceApplicationUserConsentOrganizations"] + /** + * Grant a list of organization access of a user for a application. + * @description Grant a list of organization access of a user for a application by application id and user id.
The user must be a member of all the organizations.
Only third-party application needs to be granted access to organizations, all the other applications can request for all the organizations' access by default. + */ + post: operations["CreateApplicationUserConsentOrganization"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/applications/{id}/users/{userId}/consent-organizations/{organizationId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Revoke a user's access to an organization for a application. + * @description Revoke a user's access to an organization for a application by application id, user id and organization id. + */ + delete: operations["DeleteApplicationUserConsentOrganization"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/configs/admin-console": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get admin console config + * @description Get the global configuration object for Logto Console. + */ + get: operations["GetAdminConsoleConfig"] + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update admin console config + * @description Update the global configuration object for Logto Console. This method performs a partial update. + */ + patch: operations["UpdateAdminConsoleConfig"] + trace?: never + } + "/api/configs/oidc/{keyType}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get OIDC keys + * @description Get OIDC signing keys by key type. The actual key will be redacted from the result. + */ + get: operations["GetOidcKeys"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/configs/oidc/{keyType}/{keyId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete OIDC key + * @description Delete an OIDC signing key by key type and key ID. + */ + delete: operations["DeleteOidcKey"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/configs/oidc/{keyType}/rotate": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Rotate OIDC keys + * @description A new key will be generated and prepend to the list of keys. + * + * Only two recent keys will be kept. The oldest key will be automatically removed if there are more than two keys. + */ + post: operations["RotateOidcKeys"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/configs/jwt-customizer/{tokenTypePath}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get JWT customizer + * @description Get the JWT customizer for the given token type. + */ + get: operations["GetJwtCustomizer"] + /** + * Create or update JWT customizer + * @description Create or update a JWT customizer for the given token type. + */ + put: operations["UpsertJwtCustomizer"] + post?: never + /** + * Delete JWT customizer + * @description Delete the JWT customizer for the given token type. + */ + delete: operations["DeleteJwtCustomizer"] + options?: never + head?: never + /** + * Update JWT customizer + * @description Update the JWT customizer for the given token type. + */ + patch: operations["UpdateJwtCustomizer"] + trace?: never + } + "/api/configs/jwt-customizer": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get all JWT customizers + * @description Get all JWT customizers for the tenant. + */ + get: operations["ListJwtCustomizers"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/configs/jwt-customizer/test": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Test JWT customizer + * @description Test the JWT customizer script with the given sample context and sample token payload. + */ + post: operations["TestJwtCustomizer"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/connectors": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get connectors + * @description Get all connectors in the current tenant. + */ + get: operations["ListConnectors"] + put?: never + /** + * Create connector + * @description Create a connector with the given data. + */ + post: operations["CreateConnector"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/connectors/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get connector + * @description Get connector data by ID + */ + get: operations["GetConnector"] + put?: never + post?: never + /** + * Delete connector + * @description Delete connector by ID. + */ + delete: operations["DeleteConnector"] + options?: never + head?: never + /** + * Update connector + * @description Update connector by ID with the given data. This methods performs a partial update. + */ + patch: operations["UpdateConnector"] + trace?: never + } + "/api/connectors/{factoryId}/test": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Test passwordless connector + * @description Test a passwordless (email or SMS) connector by sending a test message to the given phone number or email address. + */ + post: operations["CreateConnectorTest"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/connectors/{connectorId}/authorization-uri": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Get connector's authorization URI + * @description Get authorization URI for specified connector by providing redirect URI and randomly generated state. + */ + post: operations["CreateConnectorAuthorizationUri"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/connector-factories": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get connector factories + * @description Get all connector factories data available in Logto. + */ + get: operations["ListConnectorFactories"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/connector-factories/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get connector factory + * @description Get connector factory by the given ID. + */ + get: operations["GetConnectorFactory"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/resources": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get API resources + * @description Get API resources in the current tenant with pagination. + */ + get: operations["ListResources"] + put?: never + /** + * Create an API resource + * @description Create an API resource in the current tenant. + */ + post: operations["CreateResource"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/resources/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get API resource + * @description Get an API resource details by ID. + */ + get: operations["GetResource"] + put?: never + post?: never + /** + * Delete API resource + * @description Delete an API resource by ID. + */ + delete: operations["DeleteResource"] + options?: never + head?: never + /** + * Update API resource + * @description Update an API resource details by ID with the given data. This method performs a partial update. + */ + patch: operations["UpdateResource"] + trace?: never + } + "/api/resources/{id}/is-default": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Set API resource as default + * @description Set an API resource as the default resource for the current tenant. + * + * Each tenant can have only one default API resource. If an API resource is set as default, the previously set default API resource will be set as non-default. See [this section](https://docs.logto.io/docs/references/resources/#default-api) for more information. + */ + patch: operations["UpdateResourceIsDefault"] + trace?: never + } + "/api/resources/{resourceId}/scopes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get API resource scopes + * @description Get scopes (permissions) defined for an API resource. + */ + get: operations["ListResourceScopes"] + put?: never + /** + * Create API resource scope + * @description Create a new scope (permission) for an API resource. + */ + post: operations["CreateResourceScope"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/resources/{resourceId}/scopes/{scopeId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete API resource scope + * @description Delete an API resource scope (permission) from the given resource. + */ + delete: operations["DeleteResourceScope"] + options?: never + head?: never + /** + * Update API resource scope + * @description Update an API resource scope (permission) for the given resource. This method performs a partial update. + */ + patch: operations["UpdateResourceScope"] + trace?: never + } + "/api/sign-in-exp": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get default sign-in experience settings + * @description Get the default sign-in experience settings. + */ + get: operations["GetSignInExp"] + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update default sign-in experience settings + * @description Update the default sign-in experience settings with the provided data. + */ + patch: operations["UpdateSignInExp"] + trace?: never + } + "/api/sign-in-exp/default/check-password": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Check if a password meets the password policy + * @description Check if a password meets the password policy in the sign-in experience settings. + */ + post: operations["CheckPasswordWithDefaultSignInExperience"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/sign-in-exp/default/custom-ui-assets": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Upload custom UI assets + * @description Upload a zip file containing custom web assets such as HTML, CSS, and JavaScript files, then replace the default sign-in experience with the custom UI assets. + */ + post: operations["UploadCustomUiAssets"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get user + * @description Get user data for the given ID. + */ + get: operations["GetUser"] + put?: never + post?: never + /** + * Delete user + * @description Delete user with the given ID. Note all associated data will be deleted cascadingly. + */ + delete: operations["DeleteUser"] + options?: never + head?: never + /** + * Update user + * @description Update user data for the given ID. This method performs a partial update. + */ + patch: operations["UpdateUser"] + trace?: never + } + "/api/users/{userId}/custom-data": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get user custom data + * @description Get custom data for the given user ID. + */ + get: operations["ListUserCustomData"] + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update user custom data + * @description Update custom data for the given user ID. This method performs a partial update of the custom data object. + */ + patch: operations["UpdateUserCustomData"] + trace?: never + } + "/api/users/{userId}/profile": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update user profile + * @description Update profile for the given user ID. This method performs a partial update of the profile object. + */ + patch: operations["UpdateUserProfile"] + trace?: never + } + "/api/users": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get users + * @description Get users with filters and pagination. + * + * Logto provides a very flexible way to query users. You can filter users by almost any fields with multiple modes. To learn more about the query syntax, please refer to [Advanced user search](https://docs.logto.io/docs/recipes/manage-users/advanced-user-search/). + */ + get: operations["ListUsers"] + put?: never + /** + * Create user + * @description Create a new user with the given data. + */ + post: operations["CreateUser"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/password": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update user password + * @description Update user password for the given ID. + */ + patch: operations["UpdateUserPassword"] + trace?: never + } + "/api/users/{userId}/password/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify user password + * @description Test if the given password matches the user's password. + */ + post: operations["VerifyUserPassword"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/has-password": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Check if user has password + * @description Check if the user with the given ID has a password set. + */ + get: operations["GetUserHasPassword"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/is-suspended": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update user suspension status + * @description Update user suspension status for the given ID. + */ + patch: operations["UpdateUserIsSuspended"] + trace?: never + } + "/api/users/{userId}/roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get roles for user + * @description Get API resource roles assigned to the user with pagination. + */ + get: operations["ListUserRoles"] + /** + * Update roles for user + * @description Update API resource roles assigned to the user. This will replace the existing roles. + */ + put: operations["ReplaceUserRoles"] + /** + * Assign roles to user + * @description Assign API resource roles to the user. The roles will be added to the existing roles. + */ + post: operations["AssignUserRoles"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/roles/{roleId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove role from user + * @description Remove an API resource role from the user. + */ + delete: operations["DeleteUserRole"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/identities/{target}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Retrieve a user's social identity and associated token storage . + * @description This API retrieves the social identity and its associated token set for the specified user from the Logto Secret Vault. The token set will only be available if token storage is enabled for the corresponding social connector. + */ + get: operations["GetUserIdentity"] + /** + * Update social identity of user + * @description Directly update a social identity of the user. + */ + put: operations["ReplaceUserIdentity"] + post?: never + /** + * Delete social identity from user + * @description Delete a social identity from the user. + */ + delete: operations["DeleteUserIdentity"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/identities": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Link social identity to user + * @description Link authenticated user identity from a social platform to a Logto user. + * + * The usage of this API is usually coupled with `POST /connectors/:connectorId/authorization-uri`. With the help of these pair of APIs, you can implement a user profile page with the link social account feature in your application. + * + * Note: Currently due to technical limitations, this API does not support the following connectors that rely on Logto interaction session: `@logto/connector-apple`, `@logto/connector-saml`, `@logto/connector-oidc` and `@logto/connector-oauth`. + */ + post: operations["CreateUserIdentity"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/organizations": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organizations for a user + * @description Get all organizations that the user is a member of. In each organization object, the user's roles in that organization are included in the `organizationRoles` array. + */ + get: operations["ListUserOrganizations"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/mfa-verifications": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get user's MFA verifications + * @description Get a user's existing MFA verifications for a given user ID. + */ + get: operations["ListUserMfaVerifications"] + put?: never + /** + * Create an MFA verification for a user + * @description Create a new MFA verification for a given user ID. + */ + post: operations["CreateUserMfaVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/mfa-verifications/{verificationId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete an MFA verification for a user + * @description Delete an MFA verification for the user with the given verification ID. The verification ID must be associated with the given user ID. + */ + delete: operations["DeleteUserMfaVerification"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/personal-access-tokens": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get personal access tokens + * @description Get all personal access tokens for the user. + */ + get: operations["ListUserPersonalAccessTokens"] + put?: never + /** + * Add personal access token + * @description Add a new personal access token for the user. + */ + post: operations["CreateUserPersonalAccessToken"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/personal-access-tokens/{name}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete personal access token + * @description Delete a token for the user by name. + */ + delete: operations["DeleteUserPersonalAccessToken"] + options?: never + head?: never + /** + * Update personal access token + * @description Update a token for the user by name. + */ + patch: operations["UpdateUserPersonalAccessToken"] + trace?: never + } + "/api/users/{userId}/sso-identities/{ssoConnectorId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Retrieve a user's enterprise SSO identity and associated token secret (if token storage is enabled). + * @description This API retrieves the user's enterprise SSO identity and associated token set record from the Logto Secret Vault. The token set will only be available if token storage is enabled for the corresponding SSO connector. + */ + get: operations["GetUserSsoIdentity"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/users/{userId}/all-identities": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Retrieve social identities, enterprise SSO identities and associated token secret (if token storage is enabled) for a user. + * @description This API retrieves all identities (social and enterprise SSO) for a user, along with their associated token set records from the Logto Secret Vault. The token sets will only be available if token storage is enabled for the corresponding identity connector. + */ + get: operations["ListUserAllIdentities"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/logs": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get logs + * @description Get logs that match the given query with pagination. + */ + get: operations["ListLogs"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/logs/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get log + * @description Get log details by ID. + */ + get: operations["GetLog"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get roles + * @description Get roles with filters and pagination. + */ + get: operations["ListRoles"] + put?: never + /** + * Create a role + * @description Create a new role with the given data. + */ + post: operations["CreateRole"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/roles/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get role + * @description Get role details by ID. + */ + get: operations["GetRole"] + put?: never + post?: never + /** + * Delete role + * @description Delete a role with the given ID. + */ + delete: operations["DeleteRole"] + options?: never + head?: never + /** + * Update role + * @description Update role details. This method performs a partial update. + */ + patch: operations["UpdateRole"] + trace?: never + } + "/api/roles/{id}/users": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get role users + * @description Get users who have the role assigned with pagination. + */ + get: operations["ListRoleUsers"] + put?: never + /** + * Assign role to users + * @description Assign a role to a list of users. The role must have the type `User`. + */ + post: operations["CreateRoleUser"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/roles/{id}/users/{userId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove role from user + * @description Remove a role from a user with the given ID. + */ + delete: operations["DeleteRoleUser"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/roles/{id}/applications": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get role applications + * @description Get applications that have the role assigned with pagination. + */ + get: operations["ListRoleApplications"] + put?: never + /** + * Assign role to applications + * @description Assign a role to a list of applications. The role must have the type `Application`. + */ + post: operations["CreateRoleApplication"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/roles/{id}/applications/{applicationId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove role from application + * @description Remove the role from an application with the given ID. + */ + delete: operations["DeleteRoleApplication"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/roles/{id}/scopes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get role scopes + * @description Get API resource scopes (permissions) linked with a role. + */ + get: operations["ListRoleScopes"] + put?: never + /** + * Link scopes to role + * @description Link a list of API resource scopes (permissions) to a role. The original linked scopes will be kept. + */ + post: operations["CreateRoleScope"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/roles/{id}/scopes/{scopeId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Unlink scope from role + * @description Unlink an API resource scope (permission) from a role with the given ID. + */ + delete: operations["DeleteRoleScope"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/dashboard/users/total": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get total user count + * @description Get total user count in the current tenant. + */ + get: operations["GetTotalUserCount"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/dashboard/users/new": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get new user count + * @description Get new user count in the past 7 days. + */ + get: operations["GetNewUserCounts"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/dashboard/users/active": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get active user data + * @description Get active user data, including daily active user (DAU), weekly active user (WAU) and monthly active user (MAU). It also includes an array of DAU in the past 30 days. + */ + get: operations["GetActiveUserCounts"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/custom-phrases": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get all custom phrases + * @description Get all custom phrases for all languages. + */ + get: operations["ListCustomPhrases"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/custom-phrases/{languageTag}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get custom phrases + * @description Get custom phrases for the specified language tag. + */ + get: operations["GetCustomPhrase"] + /** + * Upsert custom phrases + * @description Upsert custom phrases for the specified language tag. Upsert means that if the custom phrases already exist, they will be updated. Otherwise, they will be created. + */ + put: operations["ReplaceCustomPhrase"] + post?: never + /** + * Delete custom phrase + * @description Delete custom phrases for the specified language tag. + */ + delete: operations["DeleteCustomPhrase"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/hooks": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get hooks + * @description Get a list of hooks with optional pagination. + */ + get: operations["ListHooks"] + put?: never + /** + * Create a hook + * @description Create a new hook with the given data. + */ + post: operations["CreateHook"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/hooks/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get hook + * @description Get hook details by ID. + */ + get: operations["GetHook"] + put?: never + post?: never + /** + * Delete hook + * @description Delete hook by ID. + */ + delete: operations["DeleteHook"] + options?: never + head?: never + /** + * Update hook + * @description Update hook details by ID with the given data. + */ + patch: operations["UpdateHook"] + trace?: never + } + "/api/hooks/{id}/recent-logs": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get recent logs for a hook + * @description Get recent logs that match the given query for the specified hook with pagination. + */ + get: operations["ListHookRecentLogs"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/hooks/{id}/test": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Test hook + * @description Test the specified hook with the given events and config. + */ + post: operations["CreateHookTest"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/hooks/{id}/signing-key": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update signing key for a hook + * @description Update the signing key for the specified hook. + */ + patch: operations["UpdateHookSigningKey"] + trace?: never + } + "/api/verification-codes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Request and send a verification code + * @description Request a verification code for the provided identifier (email/phone). + * if you're using email as the identifier, you need to setup your email connector first. + * if you're using phone as the identifier, you need to setup your SMS connector first. + */ + post: operations["CreateVerificationCode"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/verification-codes/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify a verification code + * @description Verify a verification code for a specified identifier. + * if you're using email as the identifier, you need to setup your email connector first. + * if you're using phone as the identifier, you need to setup your SMS connector first. + */ + post: operations["VerifyVerificationCode"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/user-assets/service-status": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get service status + * @description Get user assets service status. + */ + get: operations["GetUserAssetServiceStatus"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/user-assets": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Upload asset + * @description Upload a user asset. + */ + post: operations["CreateUserAsset"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/domains": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get domains + * @description Get all of your custom domains. + */ + get: operations["ListDomains"] + put?: never + /** + * Create domain + * @description Create a new domain with the given data. The maximum domain number is 1, once created, can not be modified, you'll have to delete and recreate one. + */ + post: operations["CreateDomain"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/domains/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get domain + * @description Get domain details by ID, by calling this API, the domain status will be synced from remote provider. + */ + get: operations["GetDomain"] + put?: never + post?: never + /** + * Delete domain + * @description Delete domain by ID. + */ + delete: operations["DeleteDomain"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-roles/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization role + * @description Get organization role details by ID. + */ + get: operations["GetOrganizationRole"] + put?: never + post?: never + /** + * Delete organization role + * @description Delete organization role by ID. + */ + delete: operations["DeleteOrganizationRole"] + options?: never + head?: never + /** + * Update organization role + * @description Update organization role details by ID with the given data. + */ + patch: operations["UpdateOrganizationRole"] + trace?: never + } + "/api/organization-roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization roles + * @description Get organization roles with pagination. + */ + get: operations["ListOrganizationRoles"] + put?: never + /** + * Create an organization role + * @description Create a new organization role with the given data. + */ + post: operations["CreateOrganizationRole"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-roles/{id}/scopes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization role scopes + * @description Get organization scopes that are assigned to the specified organization role with optional pagination. + */ + get: operations["ListOrganizationRoleScopes"] + /** + * Replace organization scopes for organization role + * @description Replace all organization scopes that are assigned to the specified organization role with the given organization scopes. This effectively removes all existing organization scope assignments and replaces them with the new ones. + */ + put: operations["ReplaceOrganizationRoleScopes"] + /** + * Assign organization scopes to organization role + * @description Assign organization scopes to the specified organization role + */ + post: operations["CreateOrganizationRoleScope"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-roles/{id}/scopes/{organizationScopeId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove organization scope + * @description Remove a organization scope assignment from the specified organization role. + */ + delete: operations["DeleteOrganizationRoleScope"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-roles/{id}/resource-scopes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization role resource scopes + * @description Get resource scopes that are assigned to the specified organization role with optional pagination. + */ + get: operations["ListOrganizationRoleResourceScopes"] + /** + * Replace resource scopes for organization role + * @description Replace all resource scopes that are assigned to the specified organization role with the given resource scopes. This effectively removes all existing organization scope assignments and replaces them with the new ones. + */ + put: operations["ReplaceOrganizationRoleResourceScopes"] + /** + * Assign resource scopes to organization role + * @description Assign resource scopes to the specified organization role + */ + post: operations["CreateOrganizationRoleResourceScope"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-roles/{id}/resource-scopes/{scopeId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove resource scope + * @description Remove a resource scope assignment from the specified organization role. + */ + delete: operations["DeleteOrganizationRoleResourceScope"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-scopes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization scopes + * @description Get organization scopes that match with optional pagination. + */ + get: operations["ListOrganizationScopes"] + put?: never + /** + * Create an organization scope + * @description Create a new organization scope with the given data. + */ + post: operations["CreateOrganizationScope"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-scopes/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization scope + * @description Get organization scope details by ID. + */ + get: operations["GetOrganizationScope"] + put?: never + post?: never + /** + * Delete organization scope + * @description Delete organization scope by ID. + */ + delete: operations["DeleteOrganizationScope"] + options?: never + head?: never + /** + * Update organization scope + * @description Update organization scope details by ID with the given data. + */ + patch: operations["UpdateOrganizationScope"] + trace?: never + } + "/api/organization-invitations/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization invitation + * @description Get an organization invitation by ID. + */ + get: operations["GetOrganizationInvitation"] + put?: never + post?: never + /** + * Delete organization invitation + * @description Delete an organization invitation by ID. + */ + delete: operations["DeleteOrganizationInvitation"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-invitations": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization invitations + * @description Get organization invitations. + */ + get: operations["ListOrganizationInvitations"] + put?: never + /** + * Create organization invitation + * @description Create an organization invitation and optionally send it via email. The tenant should have an email connector configured if you want to send the invitation via email at this point. + */ + post: operations["CreateOrganizationInvitation"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-invitations/{id}/message": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Resend invitation message + * @description Resend the invitation message to the invitee. + */ + post: operations["CreateOrganizationInvitationMessage"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organization-invitations/{id}/status": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + /** + * Update organization invitation status + * @description Update the status of an organization invitation by ID. + */ + put: operations["ReplaceOrganizationInvitationStatus"] + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organizations + * @description Get organizations that match the given query with pagination. + */ + get: operations["ListOrganizations"] + put?: never + /** + * Create an organization + * @description Create a new organization with the given data. + */ + post: operations["CreateOrganization"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization + * @description Get organization details by ID. + */ + get: operations["GetOrganization"] + put?: never + post?: never + /** + * Delete organization + * @description Delete organization by ID. + */ + delete: operations["DeleteOrganization"] + options?: never + head?: never + /** + * Update organization + * @description Update organization details by ID with the given data. + */ + patch: operations["UpdateOrganization"] + trace?: never + } + "/api/organizations/{id}/users": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization user members + * @description Get users that are members of the specified organization for the given query with pagination. + */ + get: operations["ListOrganizationUsers"] + /** + * Replace organization user members + * @description Replace all user members for the specified organization with the given users. This effectively removing all existing user memberships in the organization and adding the new users as members. + */ + put: operations["ReplaceOrganizationUsers"] + /** + * Add user members to organization + * @description Add users as members to the specified organization with the given user IDs. + */ + post: operations["AddOrganizationUsers"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/users/{userId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove user member from organization + * @description Remove a user's membership from the specified organization. + */ + delete: operations["DeleteOrganizationUser"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/users/roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Assign roles to organization user members + * @description Assign roles to user members of the specified organization. + */ + post: operations["AssignOrganizationRolesToUsers"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/users/{userId}/roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get roles for a user in an organization + * @description Get roles assigned to a user in the specified organization with pagination. + */ + get: operations["ListOrganizationUserRoles"] + /** + * Update roles for a user in an organization + * @description Update roles assigned to a user in the specified organization with the provided data. + */ + put: operations["ReplaceOrganizationUserRoles"] + /** + * Assign roles to a user in an organization + * @description Assign roles to a user in the specified organization with the provided data. + */ + post: operations["AssignOrganizationRolesToUser"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/users/{userId}/roles/{organizationRoleId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove a role from a user in an organization + * @description Remove a role assignment from a user in the specified organization. + */ + delete: operations["DeleteOrganizationUserRole"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/users/{userId}/scopes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get scopes for a user in an organization tailored by the organization roles + * @description Get scopes assigned to a user in the specified organization tailored by the organization roles. The scopes are derived from the organization roles assigned to the user. + */ + get: operations["ListOrganizationUserScopes"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/applications": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization applications + * @description Get applications associated with the organization. + */ + get: operations["ListOrganizationApplications"] + /** + * Replace organization applications + * @description Replace all applications associated with the organization with the given data. + */ + put: operations["ReplaceOrganizationApplications"] + /** + * Add organization application + * @description Add an application to the organization. + */ + post: operations["AddOrganizationApplications"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/applications/{applicationId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove organization application + * @description Remove an application from the organization. + */ + delete: operations["DeleteOrganizationApplication"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/applications/roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Assign roles to applications in an organization + * @description Assign roles to applications in the specified organization. + */ + post: operations["AssignOrganizationRolesToApplications"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/applications/{applicationId}/roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization application roles + * @description Get roles associated with the application in the organization. + */ + get: operations["ListOrganizationApplicationRoles"] + /** + * Replace organization application roles + * @description Replace all roles associated with the application in the organization with the given data. + */ + put: operations["ReplaceOrganizationApplicationRoles"] + /** + * Add organization application role + * @description Add a role to the application in the organization. + */ + post: operations["AssignOrganizationRolesToApplication"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/applications/{applicationId}/roles/{organizationRoleId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove organization application role + * @description Remove a role from the application in the organization. + */ + delete: operations["DeleteOrganizationApplicationRole"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/jit/email-domains": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization JIT email domains + * @description Get email domains for just-in-time provisioning of users in the organization. + */ + get: operations["ListOrganizationJitEmailDomains"] + /** + * Replace organization JIT email domains + * @description Replace all just-in-time provisioning email domains for the organization with the given data. + */ + put: operations["ReplaceOrganizationJitEmailDomains"] + /** + * Add organization JIT email domain + * @description Add a new email domain for just-in-time provisioning of users in the organization. + */ + post: operations["CreateOrganizationJitEmailDomain"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/jit/email-domains/{emailDomain}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove organization JIT email domain + * @description Remove an email domain for just-in-time provisioning of users in the organization. + */ + delete: operations["DeleteOrganizationJitEmailDomain"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/jit/roles": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization JIT default roles + * @description Get organization roles that will be assigned to users during just-in-time provisioning. + */ + get: operations["ListOrganizationJitRoles"] + /** + * Replace organization JIT default roles + * @description Replace all organization roles that will be assigned to users during just-in-time provisioning with the given data. + */ + put: operations["ReplaceOrganizationJitRoles"] + /** + * Add organization JIT default roles + * @description Add new organization roles that will be assigned to users during just-in-time provisioning. + */ + post: operations["CreateOrganizationJitRole"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/jit/roles/{organizationRoleId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove organization JIT default role + * @description Remove an organization role that will be assigned to users during just-in-time provisioning. + */ + delete: operations["DeleteOrganizationJitRole"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/jit/sso-connectors": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get organization JIT SSO connectors + * @description Get enterprise SSO connectors for just-in-time provisioning of users in the organization. + */ + get: operations["ListOrganizationJitSsoConnectors"] + /** + * Replace organization JIT SSO connectors + * @description Replace all enterprise SSO connectors for just-in-time provisioning of users in the organization with the given data. + */ + put: operations["ReplaceOrganizationJitSsoConnectors"] + /** + * Add organization JIT SSO connectors + * @description Add new enterprise SSO connectors for just-in-time provisioning of users in the organization. + */ + post: operations["CreateOrganizationJitSsoConnector"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/organizations/{id}/jit/sso-connectors/{ssoConnectorId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Remove organization JIT SSO connector + * @description Remove an enterprise SSO connector for just-in-time provisioning of users in the organization. + */ + delete: operations["DeleteOrganizationJitSsoConnector"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/sso-connector-providers": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * List all the supported SSO connector provider details + * @description Get a complete list of supported SSO connector providers. + */ + get: operations["ListSsoConnectorProviders"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/sso-connectors": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * List SSO connectors + * @description Get SSO connectors with pagination. In addition to the raw SSO connector data, a copy of fetched or parsed IdP configs and a copy of connector provider's data will be attached. + */ + get: operations["ListSsoConnectors"] + put?: never + /** + * Create SSO connector + * @description Create an new SSO connector instance for a given provider. + */ + post: operations["CreateSsoConnector"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/sso-connectors/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get SSO connector + * @description Get SSO connector data by ID. In addition to the raw SSO connector data, a copy of fetched or parsed IdP configs and a copy of connector provider's data will be attached. + */ + get: operations["GetSsoConnector"] + put?: never + post?: never + /** + * Delete SSO connector + * @description Delete an SSO connector by ID. + */ + delete: operations["DeleteSsoConnector"] + options?: never + head?: never + /** + * Update SSO connector + * @description Update an SSO connector by ID. This method performs a partial update. + */ + patch: operations["UpdateSsoConnector"] + trace?: never + } + "/api/systems/application": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get the application constants. + * @description Get the application constants. + */ + get: operations["GetSystemApplicationConfig"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/subject-tokens": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create a new subject token. + * @description Create a new subject token for the use of impersonating the user. + */ + post: operations["CreateSubjectToken"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/account-center": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get account center settings + * @description Get the account center settings. + */ + get: operations["GetAccountCenterSettings"] + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update account center settings + * @description Update the account center settings with the provided settings. + */ + patch: operations["UpdateAccountCenterSettings"] + trace?: never + } + "/api/saml-applications": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create SAML application + * @description Create a new SAML application with the given configuration. A default signing certificate with 3 years lifetime will be automatically created. + */ + post: operations["CreateSamlApplication"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/saml-applications/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get SAML application + * @description Get SAML application details by ID. + */ + get: operations["GetSamlApplication"] + put?: never + post?: never + /** + * Delete SAML application + * @description Delete a SAML application by ID. + */ + delete: operations["DeleteSamlApplication"] + options?: never + head?: never + /** + * Update SAML application + * @description Update SAML application details by ID. + */ + patch: operations["UpdateSamlApplication"] + trace?: never + } + "/api/saml-applications/{id}/secrets": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * List SAML application secrets + * @description Get all signing certificates of the SAML application. + */ + get: operations["ListSamlApplicationSecrets"] + put?: never + /** + * Create SAML application secret + * @description Create a new signing certificate for the SAML application. + */ + post: operations["CreateSamlApplicationSecret"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/saml-applications/{id}/secrets/{secretId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete SAML application secret + * @description Delete a signing certificate of the SAML application. Active certificates cannot be deleted. + */ + delete: operations["DeleteSamlApplicationSecret"] + options?: never + head?: never + /** + * Update SAML application secret + * @description Update the status of a signing certificate. + */ + patch: operations["UpdateSamlApplicationSecret"] + trace?: never + } + "/api/email-templates": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get email templates + * @description Get the list of email templates. + */ + get: operations["ListEmailTemplates"] + /** + * Replace email templates + * @description Create or replace a list of email templates. If an email template with the same language tag and template type already exists, its details will be updated. + */ + put: operations["ReplaceEmailTemplates"] + post?: never + /** + * Delete email templates + * @description Bulk delete email templates by their language tag and template type. + */ + delete: operations["DeleteEmailTemplates"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/email-templates/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get email template by ID + * @description Get the email template by its ID. + */ + get: operations["GetEmailTemplate"] + put?: never + post?: never + /** + * Delete an email template + * @description Delete an email template by its ID. + */ + delete: operations["DeleteEmailTemplate"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/email-templates/{id}/details": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update email template details + * @description Update the details of an email template by its ID. + */ + patch: operations["UpdateEmailTemplateDetails"] + trace?: never + } + "/api/one-time-tokens": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get one-time tokens + * @description Get a list of one-time tokens, filtering by email and status, with optional pagination. + */ + get: operations["ListOneTimeTokens"] + put?: never + /** + * Create one-time token + * @description Create a new one-time token associated with an email address. The token can be used for verification purposes and has an expiration time. + */ + post: operations["AddOneTimeTokens"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/one-time-tokens/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get one-time token by ID + * @description Get a one-time token by its ID. + */ + get: operations["GetOneTimeToken"] + put?: never + post?: never + /** + * Delete one-time token by ID + * @description Delete a one-time token by its ID. + */ + delete: operations["DeleteOneTimeToken"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/one-time-tokens/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify one-time token + * @description Verify a one-time token associated with an email address. If the token is valid and not expired, it will be marked as consumed. + */ + post: operations["VerifyOneTimeToken"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/one-time-tokens/{id}/status": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + /** + * Update one-time token status + * @description Update the status of a one-time token by its ID. This can be used to mark the token as consumed or expired. + */ + put: operations["ReplaceOneTimeTokenStatus"] + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/captcha-provider": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get captcha provider + * @description Get the captcha provider, you can only have one captcha provider. + */ + get: operations["GetCaptchaProvider"] + /** + * Update captcha provider + * @description Update the captcha provider with the provided settings. + */ + put: operations["UpdateCaptchaProvider"] + post?: never + /** + * Delete captcha provider + * @description Delete the captcha provider. + */ + delete: operations["DeleteCaptchaProvider"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/sentinel-activities/delete": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Bulk delete sentinel activities + * @description Remove sentinel activity reports based on the provided target value(identifier).Use this endpoint to unblock users who may be locked out due to too many failed authentication attempts. + */ + post: operations["DeleteSentinelActivities"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/custom-profile-fields": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get all custom profile fields + * @description Get all custom profile fields. + */ + get: operations["ListCustomProfileFields"] + put?: never + /** + * Create a custom profile field + * @description Create a custom profile field. + */ + post: operations["CreateCustomProfileField"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/custom-profile-fields/{name}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get a custom profile field by name + * @description Get a custom profile field by name. + */ + get: operations["GetCustomProfileFieldByName"] + /** + * Update a custom profile field by name + * @description Update a custom profile field by name. + */ + put: operations["UpdateCustomProfileFieldByName"] + post?: never + /** + * Delete a custom profile field by name + * @description Delete a custom profile field by name. + */ + delete: operations["DeleteCustomProfileFieldByName"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/custom-profile-fields/batch": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Batch create custom profile fields + * @description Create multiple custom profile fields in a single request (max 20 items). + */ + post: operations["CreateCustomProfileFieldsBatch"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/custom-profile-fields/properties/sie-order": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Update the display order of the custom profile fields in Sign-in Experience. + * @description Update the display order of the custom profile fields in Sign-in Experience. + */ + post: operations["UpdateCustomProfileFieldsSieOrder"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/secrets/{id}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete secret + * @description Delete a secret by its ID. + */ + delete: operations["DeleteSecret"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/.well-known/sign-in-exp": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get full sign-in experience + * @deprecated + * @description Get the full sign-in experience configuration. + */ + get: operations["GetSignInExperienceConfig"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/.well-known/phrases": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get localized phrases + * @description Get localized phrases based on the specified language. + */ + get: operations["GetSignInExperiencePhrases"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/.well-known/experience": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get full sign-in experience + * @description Get the full sign-in experience configuration. + */ + get: operations["GetWellKnownExperience"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/status": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Health check + * @description The traditional health check API. No authentication needed. + * + * > **Note** + * > Even if 204 is returned, it does not guarantee all the APIs are working properly since they may depend on additional resources or external services. + */ + get: operations["GetStatus"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/authn/hasura": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Hasura auth hook endpoint + * @description The `HASURA_GRAPHQL_AUTH_HOOK` endpoint for Hasura auth. Use this endpoint to integrate Hasura's [webhook authentication flow](https://hasura.io/docs/latest/auth/authentication/webhook/). + */ + get: operations["GetHasuraAuth"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/authn/saml/{connectorId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * SAML ACS endpoint (social) + * @deprecated + * @description The Assertion Consumer Service (ACS) endpoint for Simple Assertion Markup Language (SAML) social connectors. + * + * SAML social connectors are deprecated. Use the SSO SAML connector instead. + */ + post: operations["AssertSaml"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/authn/single-sign-on/saml/{connectorId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * SAML ACS endpoint (SSO) + * @description The Assertion Consumer Service (ACS) endpoint for Simple Assertion Markup Language (SAML) single sign-on (SSO) connectors. + * + * This endpoint is used to complete the SAML SSO authentication flow. It receives the SAML assertion response from the identity provider (IdP) and redirects the user to complete the authentication flow. + */ + post: operations["AssertSingleSignOnSaml"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/saml-applications/{id}/metadata": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get SAML application metadata + * @description Get the SAML metadata XML for the application. + */ + get: operations["ListSamlApplicationMetadata"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/saml-applications/{id}/callback": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * SAML application callback + * @description Handle the OIDC callback for SAML application and generate SAML response. + */ + get: operations["GetSamlApplicationCallback"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/saml/{id}/authn": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Handle SAML authentication request (Redirect binding) + * @description Process SAML authentication request using HTTP Redirect binding. + */ + get: operations["GetSamlAuthn"] + put?: never + /** + * Handle SAML authentication request (POST binding) + * @description Process SAML authentication request using HTTP POST binding. + */ + post: operations["CreateSamlAuthn"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/.well-known/management.openapi.json": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get Management API swagger JSON + * @description The endpoint for the Management API JSON document. The JSON conforms to the [OpenAPI v3.0.1](https://spec.openapis.org/oas/v3.0.1) (a.k.a. Swagger) specification. + */ + get: operations["GetWellKnownManagementOpenapiJson"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/.well-known/experience.openapi.json": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get Experience API swagger JSON + * @description The endpoint for the Experience API JSON document. The JSON conforms to the [OpenAPI v3.0.1](https://spec.openapis.org/oas/v3.0.1) (a.k.a. Swagger) specification. + */ + get: operations["GetWellKnownExperienceOpenapiJson"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/.well-known/user.openapi.json": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get User API swagger JSON + * @description The endpoint for the User API JSON document. The JSON conforms to the [OpenAPI v3.0.1](https://spec.openapis.org/oas/v3.0.1) (a.k.a. Swagger) specification. + */ + get: operations["GetWellKnownUserOpenapiJson"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/swagger.json": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get Swagger JSON + * @description The endpoint for the current JSON document. The JSON conforms to the [OpenAPI v3.0.1](https://spec.openapis.org/oas/v3.0.1) (a.k.a. Swagger) specification. + */ + get: operations["GetSwaggerJson"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + /** + * Init new interaction + * @description Init a new experience interaction with the given interaction type. Any existing interaction data will be cleared. + */ + put: operations["InitInteraction"] + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/interaction-event": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + /** + * Update interaction event + * @description Update the current experience interaction event to the given event type. This API is used to switch the interaction event between `SignIn` and `Register`, while keeping all the verification records data. + */ + put: operations["UpdateInteractionEvent"] + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/identification": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Identify user for the current interaction + * @description This API identifies the user based on the verificationId within the current experience interaction:
- `SignIn` and `ForgotPassword` interactions: Verifies the user's identity using the provided `verificationId`.
- `Register` interaction: Creates a new user account using the profile data from the current interaction. If a verificationId is provided, the profile data will first be updated with the verification record before creating the account. If not, the account is created directly from the stored profile data. + */ + post: operations["IdentifyUser"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/submit": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Submit interaction + * @description Submit the current interaction.
- Submit the verified user identity to the OIDC provider for further authentication (SignIn and Register).
- Update the user's profile data if any (SignIn and Register).
- Reset the password and clear all the interaction records (ForgotPassword). + */ + post: operations["SubmitInteraction"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/interaction": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get public interaction data + * @description Get the public interaction data. + */ + get: operations["GetInteraction"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/password": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create password verification record + * @description Create and verify a new Password verification record. The verification record can only be created if the provided user credentials are correct. + */ + post: operations["CreatePasswordVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/verification-code": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create and send verification code + * @description Create a new `CodeVerification` record and sends the code to the specified identifier. The code verification can be used to verify the given identifier. + */ + post: operations["CreateAndSendVerificationCode"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/verification-code/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify verification code + * @description Verify the provided verification code against the user's identifier. If successful, the verification record will be marked as verified. + */ + post: operations["VerifyVerificationCodeVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/mfa-verification-code": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create and send MFA verification code + * @description Create a new MFA verification code and send it to the user's bound identifier (email or phone). This endpoint automatically uses the user's bound email address or phone number from their profile for MFA verification. The user must be identified before calling this endpoint. + */ + post: operations["CreateAndSendMfaVerificationCode"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/mfa-verification-code/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify MFA verification code + * @description Verify the provided MFA verification code. The verification code must have been sent using the MFA verification code endpoint. This endpoint verifies the code against the user's bound identifier and marks the verification as complete if successful. + */ + post: operations["VerifyMfaVerificationCode"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/social/{connectorId}/authorization-uri": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create social verification + * @description Create a new SocialVerification record and return the provider's authorization URI for the given connector. + */ + post: operations["CreateSocialVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/social/{connectorId}/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify social verification + * @description Verify the social authorization response data and get the user's identity data from the social provider. + */ + post: operations["VerifySocialVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/sso/{connectorId}/authorization-uri": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create enterprise SSO verification + * @description Create a new EnterpriseSSO verification record and return the provider's authorization URI for the given connector. + */ + post: operations["CreateEnterpriseSsoVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/sso/{connectorId}/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify enterprise SSO verification + * @description Verify the SSO authorization response data and get the user's identity from the SSO provider. + */ + post: operations["VerifyEnterpriseSsoVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/totp/secret": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create TOTP secret + * @description Create a new TOTP verification record and generate a new TOTP secret for the user. This secret can be used to bind a new TOTP verification to the user's profile. The verification record must be verified before the secret can be used to bind a new TOTP verification to the user's profile. + */ + post: operations["CreateTotpSecret"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/totp/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify TOTP verification + * @description Verifies the provided TOTP code against the new created TOTP secret or the existing TOTP secret. If a verificationId is provided, this API will verify the code against the TOTP secret that is associated with the verification record. Otherwise, a new TOTP verification record will be created and verified against the user's existing TOTP secret. + */ + post: operations["VerifyTotpVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/web-authn/registration": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create WebAuthn registration verification + * @description Create a new WebAuthn registration verification record. The verification record can be used to bind a new WebAuthn credential to the user's profile. + */ + post: operations["CreateWebAuthnRegistrationVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/web-authn/registration/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify WebAuthn registration verification + * @description Verify the WebAuthn registration response against the user's WebAuthn registration challenge. If the response is valid, the WebAuthn registration record will be marked as verified. + */ + post: operations["VerifyWebAuthnRegistrationVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/web-authn/authentication": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create WebAuthn authentication verification + * @description Create a new WebAuthn authentication verification record based on the user's existing WebAuthn credential. This verification record can be used to verify the user's WebAuthn credential. + */ + post: operations["CreateWebAuthnAuthenticationVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/web-authn/authentication/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify WebAuthn authentication verification + * @description Verifies the WebAuthn authentication response against the user's authentication challenge. Upon successful verification, the verification record will be marked as verified. + */ + post: operations["VerifyWebAuthnAuthenticationVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/backup-code/generate": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Generate backup codes + * @description Create a new BackupCode verification record with new backup codes generated. This verification record will be used to bind the backup codes to the user's profile. + */ + post: operations["GenerateBackupCodes"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/backup-code/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify backup code + * @description Create a new BackupCode verification record and verify the provided backup code against the user's backup codes. The verification record will be marked as verified if the code is correct. + */ + post: operations["VerifyBackupCode"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/new-password-identity": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create new password identity verification + * @description Create a NewPasswordIdentity verification record for the new user registration use. The verification record includes a unique user identifier and a password that can be used to create a new user account. + */ + post: operations["CreateNewPasswordIdentityVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/verification/one-time-token/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify one-time token + * @description Verify the provided one-time token against the user's email. If successful, the verification record will be marked as verified. + */ + post: operations["VerifyOneTimeTokenVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/profile": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Add user profile + * @description Adds user profile data to the current experience interaction.
- For `Register`: The profile data provided before the identification request will be used to create a new user account.
- For `SignIn` and `Register`: The profile data provided after the user is identified will be used to update the user's profile when the interaction is submitted.
- `ForgotPassword`: Not supported. + */ + post: operations["AddUserProfile"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/profile/password": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + /** + * Reset user password + * @description Reset the user's password. (`ForgotPassword` interaction only) + */ + put: operations["ResetUserPassword"] + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/profile/mfa/mfa-skipped": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Skip MFA binding flow + * @description Skip MFA verification binding flow. If the MFA is enabled in the sign-in experience settings and marked as `UserControlled`, the user can skip the MFA verification binding flow by calling this API. + */ + post: operations["SkipMfaBindingFlow"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/profile/mfa": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Bind MFA verification by verificationId + * @description Bind new MFA verification to the user profile using the verificationId. + */ + post: operations["BindMfaVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/experience/sso-connectors": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get enabled SSO connectors by the given email's domain + * @description Extract the email domain from the provided email address. Returns all the enabled SSO connectors that match the email domain. + */ + get: operations["GetEnabledSsoConnectors"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get profile + * @description Get profile for the user. + */ + get: operations["GetProfile"] + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update profile + * @description Update profile for the user, only the fields that are passed in will be updated. + */ + patch: operations["UpdateProfile"] + trace?: never + } + "/api/my-account/profile": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update other profile + * @description Update other profile for the user, only the fields that are passed in will be updated, to update the address, the user must have the address scope. + */ + patch: operations["UpdateOtherProfile"] + trace?: never + } + "/api/my-account/password": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Update password + * @description Update password for the user, a logto-verification-id in header is required for checking sensitive permissions. + */ + post: operations["UpdatePassword"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/identities/{target}/access-token": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Retrieve the access token issued by a third-party social provider + * @description This API retrieves the access token issued by a third-party social provider for a given social target. + * Access is only available if token storage is enabled for the corresponding social connector. + * When a user authenticates through a social provider, Logto automatically stores the provider’s tokens in an encrypted form. + * You can use this API to securely retrieve the stored access token and use it to access third-party APIs on behalf of the user. + */ + get: operations["GetSocialIdentityAccessToken"] + /** + * Update the access token for a social identity by verification ID + * @description This API updates the token storage for a social identity by a given social verification ID. + * It is used to fetch a new access token from the social provider and store it securely in Logto. + */ + put: operations["UpdateSocialIdentityAccessTokenByVerificationId"] + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/sso-identities/{connectorId}/access-token": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Retrieve the access token issued by a third-party enterprise SSO provider + * @description This API retrieves the access token issued by a third-party enterprise SSO provider for a given SSO connector ID. + * Access is only available if token storage is enabled for the corresponding connector. + * When a user authenticates through a SSO provider, Logto automatically stores the provider’s tokens in an encrypted form. + * You can use this API to securely retrieve the stored access token and use it to access third-party APIs on behalf of the user. + */ + get: operations["GetEnterpriseSsoIdentityAccessToken"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/primary-email": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Update primary email + * @description Update primary email for the user, a logto-verification-id in header is required for checking sensitive permissions, and a new identifier verification record is required for the new email ownership verification. + */ + post: operations["UpdatePrimaryEmail"] + /** + * Delete primary email + * @description Delete primary email for the user, a verification-record-id in header is required for checking sensitive permissions. + */ + delete: operations["DeletePrimaryEmail"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/primary-phone": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Update primary phone + * @description Update primary phone for the user, a logto-verification-id in header is required for checking sensitive permissions, and a new identifier verification record is required for the new phone ownership verification. + */ + post: operations["UpdatePrimaryPhone"] + /** + * Delete primary phone + * @description Delete primary phone for the user, a verification-record-id in header is required for checking sensitive permissions. + */ + delete: operations["DeletePrimaryPhone"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/identities": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Add a user identity + * @description Add an identity (social identity) to the user, a logto-verification-id in header is required for checking sensitive permissions, and a verification record for the social identity is required. + */ + post: operations["AddUserIdentities"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/identities/{target}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete a user identity + * @description Delete an identity (social identity) from the user, a logto-verification-id in header is required for checking sensitive permissions. + */ + delete: operations["DeleteIdentity"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/mfa-verifications": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get MFA verifications + * @description Get MFA verifications for the user. + */ + get: operations["GetMfaVerifications"] + put?: never + /** + * Add a MFA verification + * @description Add a MFA verification to the user, a logto-verification-id in header is required for checking sensitive permissions. + */ + post: operations["AddMfaVerification"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/mfa-verifications/totp-secret/generate": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Generate a TOTP secret + * @description Generate a TOTP secret for the user. + */ + post: operations["GenerateTotpSecret"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/mfa-verifications/backup-codes/generate": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Generate backup codes + * @description Generate backup codes for the user. + */ + post: operations["GenerateMyAccountBackupCodes"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/mfa-verifications/backup-codes": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** + * Get backup codes + * @description Get all backup codes for the user with their usage status. Requires identity verification. + */ + get: operations["GetBackupCodes"] + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/my-account/mfa-verifications/{verificationId}/name": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + /** + * Update a MFA verification name + * @description Update a MFA verification name, a logto-verification-id in header is required for checking sensitive permissions. Only WebAuthn is supported for now. + */ + patch: operations["UpdateMfaVerificationName"] + trace?: never + } + "/api/my-account/mfa-verifications/{verificationId}": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + /** + * Delete an MFA verification + * @description Delete an MFA verification, a logto-verification-id in header is required for checking sensitive permissions. + */ + delete: operations["DeleteMfaVerification"] + options?: never + head?: never + patch?: never + trace?: never + } + "/api/verifications/password": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create a record by password + * @description Create a verification record by verifying the password. + */ + post: operations["CreateVerificationByPassword"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/verifications/verification-code": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create a record by verification code + * @description Create a verification record and send the code to the specified identifier. The code verification can be used to verify the given identifier. + */ + post: operations["CreateVerificationByVerificationCode"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/verifications/verification-code/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify verification code + * @description Verify the provided verification code against the identifier. If successful, the verification record will be marked as verified. + */ + post: operations["VerifyVerificationByVerificationCode"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/verifications/social": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Create a social verification record + * @description Create a social verification record and return the authorization URI. + */ + post: operations["CreateVerificationBySocial"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/verifications/social/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify a social verification record + * @description Verify a social verification record by callback connector data, and save the user information to the record. + */ + post: operations["VerifyVerificationBySocial"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/verifications/web-authn/registration": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Generate WebAuthn registration options + * @description Generate WebAuthn registration options for the user to register a new WebAuthn device. + */ + post: operations["GenerateWebAuthnRegistrationOptions"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/verifications/web-authn/registration/verify": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Verify WebAuthn registration + * @description Verify the WebAuthn registration by the user's response. + */ + post: operations["VerifyWebAuthnRegistration"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @enum {string} */ + event: "SignIn" | "Register" | "ForgotPassword" + identifier?: { + username: string + password: string + } | { + email: string + password: string + } | { + phone: string + password: string + } | { + /** Format: regex */ + email: string + verificationCode: string + } | { + /** Format: regex */ + phone: string + verificationCode: string + } | { + connectorId: string + /** @description arbitrary */ + connectorData: Record + } | { + connectorId: string + email: string + } | { + connectorId: string + phone: string + } + profile?: { + /** Format: regex */ + username?: string + /** Format: regex */ + email?: string + /** Format: regex */ + phone?: string + connectorId?: string + password?: string + } + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + post?: never + delete: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/event": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @enum {string} */ + event: "SignIn" | "Register" | "ForgotPassword" + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/identifiers": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post?: never + delete?: never + options?: never + head?: never + patch: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + username: string + password: string + } | { + email: string + password: string + } | { + phone: string + password: string + } | { + /** Format: regex */ + email: string + verificationCode: string + } | { + /** Format: regex */ + phone: string + verificationCode: string + } | { + connectorId: string + /** @description arbitrary */ + connectorData: Record + } | { + connectorId: string + email: string + } | { + connectorId: string + phone: string + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + trace?: never + } + "/api/interaction/profile": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: regex */ + username?: string + /** Format: regex */ + email?: string + /** Format: regex */ + phone?: string + connectorId?: string + password?: string + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + post?: never + delete: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + options?: never + head?: never + patch: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: regex */ + username?: string + /** Format: regex */ + email?: string + /** Format: regex */ + phone?: string + connectorId?: string + password?: string + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + trace?: never + } + "/api/interaction/submit": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + redirectTo: string + } + } + } + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/consent": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + application: { + id: string + name: string + branding?: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + displayName?: string | null + privacyPolicyUrl?: string | null + termsOfUseUrl?: string | null + } + user: { + id: string + name: string | null + avatar: string | null + username: string | null + primaryEmail: string | null + primaryPhone: string | null + } + organizations?: { + id: string + name: string + missingResourceScopes?: { + resource: { + name: string + indicator: string + id: string + } + scopes: { + id: string + name: string + description: string | null + }[] + }[] + }[] + missingOIDCScope?: string[] + missingResourceScopes?: { + resource: { + name: string + indicator: string + id: string + } + scopes: { + id: string + name: string + description: string | null + }[] + }[] + redirectUri: string + } + } + } + } + } + put?: never + post: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + organizationIds?: string[] + } + } + } + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/verification/social-authorization-uri": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + connectorId: string + state: string + /** @description Validator function */ + redirectUri: Record + scope?: string + } + } + } + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + redirectTo: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/verification/verification-code": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: regex */ + email: string + } | { + /** Format: regex */ + phone: string + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Implemented */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/verification/totp": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + secret: string + secretQrCode: string + } + } + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/verification/webauthn-registration": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + rp: { + name: string + id?: string + } + user: { + id: string + name: string + displayName: string + } + challenge: string + pubKeyCredParams: { + /** Format: "public-key" */ + type: string + alg: number + }[] + timeout?: number + excludeCredentials?: { + /** Format: "public-key" */ + type: string + id: string + transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + }[] + authenticatorSelection?: { + /** @enum {string} */ + authenticatorAttachment?: "platform" | "cross-platform" + requireResidentKey?: boolean + /** @enum {string} */ + residentKey?: "discouraged" | "preferred" | "required" + /** @enum {string} */ + userVerification?: "required" | "preferred" | "discouraged" + } + /** @enum {string} */ + attestation?: "none" | "indirect" | "direct" | "enterprise" + extensions?: { + appid?: string + credProps?: boolean + hmacCreateSecret?: boolean + } + } + } + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/verification/webauthn-authentication": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + challenge: string + timeout?: number + rpId?: string + allowCredentials?: { + /** Format: "public-key" */ + type: string + id: string + transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + }[] + /** @enum {string} */ + userVerification?: "required" | "preferred" | "discouraged" + extensions?: { + appid?: string + credProps?: boolean + hmacCreateSecret?: boolean + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/bind-mfa": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: "Totp" */ + type: string + code: string + } | { + /** Format: "WebAuthn" */ + type: string + id: string + rawId: string + response: { + clientDataJSON: string + attestationObject: string + authenticatorData?: string + transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + publicKeyAlgorithm?: number + publicKey?: string + } + /** @enum {string} */ + authenticatorAttachment?: "cross-platform" | "platform" + clientExtensionResults: { + appid?: boolean + crepProps?: { + rk?: boolean + } + hmacCreateSecret?: boolean + } + } | { + /** Format: "BackupCode" */ + type: string + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/mfa": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: "Totp" */ + type: string + code: string + } | { + /** Format: "WebAuthn" */ + type: string + id: string + rawId: string + /** @enum {string} */ + authenticatorAttachment?: "cross-platform" | "platform" + clientExtensionResults: { + appid?: boolean + crepProps?: { + rk?: boolean + } + hmacCreateSecret?: boolean + } + response: { + clientDataJSON: string + authenticatorData: string + signature: string + userHandle?: string + } + } | { + /** Format: "BackupCode" */ + type: string + code: string + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/mfa-skipped": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: true */ + mfaSkipped: boolean + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/single-sign-on/{connectorId}/authorization-url": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + state: string + /** @description Validator function */ + redirectUri: Record + } + } + } + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + redirectTo: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Internal Server Error */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/single-sign-on/{connectorId}/authentication": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + [key: string]: unknown + } + } + } + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + redirectTo: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Internal Server Error */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/single-sign-on/{connectorId}/registration": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + post: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + redirectTo: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Internal Server Error */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } + "/api/interaction/single-sign-on/connectors": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get: { + parameters: { + query: { + email: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": string[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + put?: never + post?: never + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } +} +export type webhooks = Record +export interface components { + schemas: { + /** @example { + * "input": { + * "username": "Username", + * "password": "Password" + * }, + * "action": { + * "sign_in": "Sign In", + * "continue": "Continue" + * } + * } */ + TranslationObject: { + "[translationKey]"?: components["schemas"]["Translation"] + } + Translation: string + /** + * @deprecated + * @description The internal client secret. Note it is only used for internal validation, and the actual secrets should be retrieved from `/api/applications/{id}/secrets` endpoints. + */ + ApplicationLegacySecret: string + SamlApplicationResponse: { + /** @description The ID of the SAML application. */ + id?: string + /** @description The name of the SAML application. */ + name?: string + /** @description Description of the SAML application. */ + description?: string + /** @description Custom data for the application. */ + customData?: Record + /** @description The Assertion Consumer Service (ACS) URL. */ + acsUrl?: string + /** @description The SAML entity ID. */ + entityId?: string + /** + * Format: date-time + * @description The creation time of the SAML application. + */ + createdAt?: string + } + /** @description Base64-encoded SAML request message. */ + SamlRequest: string + /** @description Base64-encoded signature of the request. */ + SamlSignature: string + /** @description The signature algorithm used to sign the request. */ + SamlSignatureAlgorithm: string + /** @description Optional state parameter to be returned in the response. */ + RelayState: string + } + responses: never + parameters: { + /** @description The unique identifier of the tenant. */ + "tenantId-root": string + /** @description The unique identifier of the tenant. */ + "tenantId": string + /** @description The unique identifier of the key. */ + "keyId-root": string + /** @description The unique identifier of the key. */ + "keyId": string + /** @description The unique identifier of the connector factory. */ + "connectorFactoryId-root": string + /** @description The unique identifier of the connector factory. */ + "connectorFactoryId": string + /** @description The unique identifier of the factory. */ + "factoryId-root": string + /** @description The unique identifier of the factory. */ + "factoryId": string + /** @description The unique identifier of the application. */ + "applicationId-root": string + /** @description The unique identifier of the application. */ + "applicationId": string + /** @description The unique identifier of the connector. */ + "connectorId-root": string + /** @description The unique identifier of the connector. */ + "connectorId": string + /** @description The unique identifier of the sso connector. */ + "ssoConnectorId-root": string + /** @description The unique identifier of the sso connector. */ + "ssoConnectorId": string + /** @description The unique identifier of the resource. */ + "resourceId-root": string + /** @description The unique identifier of the resource. */ + "resourceId": string + /** @description The unique identifier of the user. */ + "userId-root": string + /** @description The unique identifier of the user. */ + "userId": string + /** @description The unique identifier of the log. */ + "logId-root": string + /** @description The unique identifier of the log. */ + "logId": string + /** @description The unique identifier of the role. */ + "roleId-root": string + /** @description The unique identifier of the role. */ + "roleId": string + /** @description The unique identifier of the scope. */ + "scopeId-root": string + /** @description The unique identifier of the scope. */ + "scopeId": string + /** @description The unique identifier of the hook. */ + "hookId-root": string + /** @description The unique identifier of the hook. */ + "hookId": string + /** @description The unique identifier of the domain. */ + "domainId-root": string + /** @description The unique identifier of the domain. */ + "domainId": string + /** @description The unique identifier of the verification. */ + "verificationId-root": string + /** @description The unique identifier of the verification. */ + "verificationId": string + /** @description The unique identifier of the organization. */ + "organizationId-root": string + /** @description The unique identifier of the organization. */ + "organizationId": string + /** @description The unique identifier of the organization role. */ + "organizationRoleId-root": string + /** @description The unique identifier of the organization role. */ + "organizationRoleId": string + /** @description The unique identifier of the organization scope. */ + "organizationScopeId-root": string + /** @description The unique identifier of the organization scope. */ + "organizationScopeId": string + /** @description The unique identifier of the organization invitation. */ + "organizationInvitationId-root": string + /** @description The unique identifier of the organization invitation. */ + "organizationInvitationId": string + /** @description The unique identifier of the saml application. */ + "samlApplicationId-root": string + /** @description The unique identifier of the saml application. */ + "samlApplicationId": string + /** @description The unique identifier of the secret. */ + "secretId-root": string + /** @description The unique identifier of the secret. */ + "secretId": string + /** @description The unique identifier of the email template. */ + "emailTemplateId-root": string + /** @description The unique identifier of the email template. */ + "emailTemplateId": string + /** @description The unique identifier of the one time token. */ + "oneTimeTokenId-root": string + /** @description The unique identifier of the one time token. */ + "oneTimeTokenId": string + /** @description The ID of the SAML application. */ + "saml-applicationId-root": string + /** @description The ID of the SAML application. */ + "samlId-root": string + } + requestBodies: never + headers: never + pathItems: never +} +export type $defs = Record +export interface operations { + ListApplications: { + parameters: { + query?: { + /** @description An array of application types to filter applications. */ + types?: ("Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML")[] | ("Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML") + excludeRoleId?: string + excludeOrganizationId?: string + isThirdParty?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of applications. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + secret: components["schemas"]["ApplicationLegacySecret"] + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + oidcClientMetadata: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + protectedAppMetadata: { + host: string + origin: string + sessionDuration: number + pageRules: { + path: string + }[] + customDomains?: { + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + cloudflareData: { + id: string + status: string + ssl: { + status: string + validation_errors?: { + message: string + }[] + } + verification_errors?: string[] + } | null + }[] + } | null + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateApplication: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + name: string + description?: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + oidcClientMetadata?: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata?: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + /** @description arbitrary */ + customData?: Record + isThirdParty?: boolean + /** @description The data for protected app, this feature is not available for open source version. */ + protectedAppMetadata?: { + /** @description The subdomain prefix, e.g., my-site. */ + subDomain: string + /** @description The origin of target website, e.g., https://example.com. */ + origin: string + } + } + } + } + responses: { + /** @description The application was created successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + secret: components["schemas"]["ApplicationLegacySecret"] + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + oidcClientMetadata: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + protectedAppMetadata: { + host: string + origin: string + sessionDuration: number + pageRules: { + path: string + }[] + customDomains?: { + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + cloudflareData: { + id: string + status: string + ssl: { + status: string + validation_errors?: { + message: string + }[] + } + verification_errors?: string[] + } | null + }[] + } | null + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Validation error. Please check the request body. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Internal Server Error */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Details of the application. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + secret: components["schemas"]["ApplicationLegacySecret"] + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + oidcClientMetadata: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + protectedAppMetadata: { + host: string + origin: string + sessionDuration: number + pageRules: { + path: string + }[] + customDomains?: { + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + cloudflareData: { + id: string + status: string + ssl: { + status: string + validation_errors?: { + message: string + }[] + } + verification_errors?: string[] + } | null + }[] + } | null + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + isAdmin: boolean + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application with the specified ID was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The application was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application with the specified ID was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + name?: string + description?: string | null + oidcClientMetadata?: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata?: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + /** @description arbitrary */ + customData?: Record + protectedAppMetadata?: { + origin?: string + sessionDuration?: number + pageRules?: { + path: string + }[] + } + /** @description Whether the application has admin access. User can enable the admin access for Machine-to-Machine apps. */ + isAdmin?: boolean + } + } + } + responses: { + /** @description The application was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + secret: components["schemas"]["ApplicationLegacySecret"] + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + oidcClientMetadata: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + protectedAppMetadata: { + host: string + origin: string + sessionDuration: number + pageRules: { + path: string + }[] + customDomains?: { + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + cloudflareData: { + id: string + status: string + ssl: { + status: string + validation_errors?: { + message: string + }[] + } + verification_errors?: string[] + } | null + }[] + } | null + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application with the specified ID was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Validation error. Please check the request body. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Internal server error. */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateApplicationCustomData: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": Record + } + } + responses: { + /** @description The updated custom data in JSON. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": Record + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListApplicationRoles: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of API resource roles assigned to the application. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string + /** @enum {string} */ + type: "User" | "MachineToMachine" + isDefault: boolean + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceApplicationRoles: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of API resource role IDs to update for the application. */ + roleIds: string[] + } + } + } + responses: { + /** @description The API resource roles have been updated for the application successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AssignApplicationRoles: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of API resource role IDs to assign. */ + roleIds: string[] + } + } + } + responses: { + /** @description The API resource roles have been assigned to the application successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteApplicationRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + /** @description The unique identifier of the role. */ + roleId: components["parameters"]["roleId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The API resource role has been removed from the application successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListApplicationProtectedAppMetadataCustomDomains: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of the application custom domains. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + cloudflareData: { + id: string + status: string + ssl: { + status: string + validation_errors?: { + message: string + }[] + } + verification_errors?: string[] + } | null + }[] + } + } + /** @description Faild to sync the domain info from remote provider. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Implemented */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateApplicationProtectedAppMetadataCustomDomain: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The domain to be added to the application. */ + domain: string + } + } + } + responses: { + /** @description The domain has been added to the application. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The domain already exists. */ + 409: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Exeeded the maximum number of domains allowed or the domain is invalid. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Implemented */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteApplicationProtectedAppMetadataCustomDomain: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + domain: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The domain has been removed. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Can not find the domain. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Implemented */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListApplicationOrganizations: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of organizations that the application is associated with. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @description arbitrary */ + customData: Record + isMfaRequired: boolean + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt: number + organizationRoles: { + id: string + name: string + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteApplicationLegacySecret: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + secret: string + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + oidcClientMetadata: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + protectedAppMetadata: { + host: string + origin: string + sessionDuration: number + pageRules: { + path: string + }[] + customDomains?: { + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + cloudflareData: { + id: string + status: string + ssl: { + status: string + validation_errors?: { + message: string + }[] + } + verification_errors?: string[] + } | null + }[] + } | null + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + } + } + } + /** @description The legacy secret was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application does not have a legacy secret. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListApplicationSecrets: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of secrets. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + applicationId: string + name: string + value: string + createdAt: number + expiresAt: number | null + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateApplicationSecret: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The secret name. Must be unique within the application. */ + name: string + /** @description The epoch time in milliseconds when the secret will expire. If not provided, the secret will never expire. */ + expiresAt?: number | null + } + } + } + responses: { + /** @description The secret was added successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + applicationId: string + name: string + value: string + createdAt: number + expiresAt: number | null + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The secret name is already in use. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteApplicationSecret: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + /** @description The name of the secret. */ + name: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The secret was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateApplicationSecret: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + /** @description The name of the secret. */ + name: string + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The secret name to update. Must be unique within the application. */ + name: string + } + } + } + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + applicationId: string + name: string + value: string + createdAt: number + expiresAt: number | null + } + } + } + /** @description The secret was updated successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListApplicationUserConsentScopes: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description All the user consent scopes of the application are listed successfully */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description A list of organization scope details assigned to the application. */ + organizationScopes: { + id: string + name: string + description: string | null + }[] + /** @description A list of resource scope details grouped by resource id assigned to the application. */ + resourceScopes: { + resource: { + id: string + name: string + indicator: string + } + scopes: { + id: string + name: string + description: string | null + }[] + }[] + /** @description A list of organization resource scope details grouped by resource id assigned to the application. */ + organizationResourceScopes: { + resource: { + id: string + name: string + indicator: string + } + scopes: { + id: string + name: string + description: string | null + }[] + }[] + /** @description A list of user scope enum value assigned to the application. */ + userScopes: ("profile" | "email" | "phone" | "address" | "custom_data" | "identities" | "roles" | "urn:logto:scope:organizations" | "urn:logto:scope:organization_roles")[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application is not found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateApplicationUserConsentScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description A list of organization scope id to assign to the application. Throws error if any given organization scope is not found. */ + organizationScopes?: string[] + /** @description A list of resource scope id to assign to the application. Throws error if any given resource scope is not found. */ + resourceScopes?: string[] + /** @description A list of organization resource scope id to assign to the application. Throws error if any given resource scope is not found. */ + organizationResourceScopes?: string[] + /** @description A list of user scope enum value to assign to the application. */ + userScopes?: ("profile" | "email" | "phone" | "address" | "custom_data" | "identities" | "roles" | "urn:logto:scope:organizations" | "urn:logto:scope:organization_roles")[] + } + } + } + responses: { + /** @description All the user consent scopes are assigned to the application successfully */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application is not found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Any of the given organization scope, resource scope or user scope is not found */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteApplicationUserConsentScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + scopeType: "organization-scopes" | "resource-scopes" | "organization-resource-scopes" | "user-scopes" + /** @description The unique identifier of the scope. */ + scopeId: components["parameters"]["scopeId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The user consent scope is removed from the application successfully */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application or scope is not found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetApplicationSignInExperience: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Returns the application's application level sign-in experience. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + applicationId: string + color: { + /** Format: regex */ + primaryColor?: string + isDarkModeEnabled?: boolean + /** Format: regex */ + darkPrimaryColor?: string + } + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + termsOfUseUrl: string | null + privacyPolicyUrl: string | null + displayName: string | null + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application does not exist or the application level sign-in experience does not exist. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceApplicationSignInExperience: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + color?: { + /** Format: regex */ + primaryColor?: string + isDarkModeEnabled?: boolean + /** Format: regex */ + darkPrimaryColor?: string + } + branding?: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + displayName?: string | null + termsOfUseUrl: (string | null) | string + privacyPolicyUrl: (string | null) | string + } + } + } + responses: { + /** @description The application's sign-in experience was successfully updated. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + applicationId: string + color: { + /** Format: regex */ + primaryColor?: string + isDarkModeEnabled?: boolean + /** Format: regex */ + darkPrimaryColor?: string + } + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + termsOfUseUrl: string | null + privacyPolicyUrl: string | null + displayName: string | null + } + } + } + /** @description A new application level sign-in experience settings was successfully created. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + applicationId: string + color: { + /** Format: regex */ + primaryColor?: string + isDarkModeEnabled?: boolean + /** Format: regex */ + darkPrimaryColor?: string + } + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + termsOfUseUrl: string | null + privacyPolicyUrl: string | null + displayName: string | null + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application does not exist. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListApplicationUserConsentOrganizations: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description List of organization entities granted by the user for the application. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description A list of organization entities granted by the user for the application. */ + organizations: { + tenantId: string + id: string + name: string + description: string | null + /** @description arbitrary */ + customData: Record + isMfaRequired: boolean + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt: number + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceApplicationUserConsentOrganizations: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description A list of organization ids to be granted.
All the existing organizations' access will be revoked if not in the list.
If the list is empty, all the organizations' access will be revoked. */ + organizationIds: string[] + } + } + } + responses: { + /** @description All the request organizations's access are granted to the user for the application. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application or user is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is not a member of one of the organizations, or the application is not a third-party application. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateApplicationUserConsentOrganization: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description A list of organization ids to be granted. */ + organizationIds: string[] + } + } + } + responses: { + /** @description All the request organizations's access are granted to the user for the application. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application or user is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is not a member of one of the organizations, or the application is not a third-party application. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteApplicationUserConsentOrganization: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the application. */ + id: components["parameters"]["applicationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + /** @description The unique identifier of the organization. */ + organizationId: components["parameters"]["organizationId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The user's access to the organization is revoked for the application. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application, user or organization is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetAdminConsoleConfig: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The configuration object. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + signInExperienceCustomized: boolean + organizationCreated: boolean + developmentTenantMigrationNotification?: { + isPaidTenant: boolean + tag: string + readAt?: number + } + checkedChargeNotification?: { + token?: boolean + apiResource?: boolean + machineToMachineApp?: boolean + tenantMember?: boolean + } + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Configuration not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateAdminConsoleConfig: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + signInExperienceCustomized?: boolean + organizationCreated?: boolean + developmentTenantMigrationNotification?: { + isPaidTenant: boolean + tag: string + readAt?: number + } + checkedChargeNotification?: { + token?: boolean + apiResource?: boolean + machineToMachineApp?: boolean + tenantMember?: boolean + } + } + } + } + responses: { + /** @description The updated configuration object. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + signInExperienceCustomized: boolean + organizationCreated: boolean + developmentTenantMigrationNotification?: { + isPaidTenant: boolean + tag: string + readAt?: number + } + checkedChargeNotification?: { + token?: boolean + apiResource?: boolean + machineToMachineApp?: boolean + tenantMember?: boolean + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Configuration not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetOidcKeys: { + parameters: { + query?: never + header?: never + path: { + /** @description Private keys are used to sign OIDC JWTs. Cookie keys are used to sign OIDC cookies. For clients, they do not need to know private keys to verify OIDC JWTs; they can use public keys from the JWKS endpoint instead. */ + keyType: "private-keys" | "cookie-keys" + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of OIDC signing keys for the given key type. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + createdAt: number + /** @enum {string} */ + signingKeyAlgorithm?: "RSA" | "EC" + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOidcKey: { + parameters: { + query?: never + header?: never + path: { + /** @description Private keys are used to sign OIDC JWTs. Cookie keys are used to sign OIDC cookies. For clients, they do not need to know private keys to verify OIDC JWTs; they can use public keys from the JWKS endpoint instead. */ + keyType: "private-keys" | "cookie-keys" + /** @description The unique identifier of the key. */ + keyId: components["parameters"]["keyId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The key was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The key was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one key must be kept. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + RotateOidcKeys: { + parameters: { + query?: never + header?: never + path: { + /** @description Private keys are used to sign OIDC JWTs. Cookie keys are used to sign OIDC cookies. For clients, they do not need to know private keys to verify OIDC JWTs; they can use public keys from the JWKS endpoint instead. */ + keyType: "private-keys" | "cookie-keys" + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * @description The signing key algorithm the new generated private key is using. + * + * Only applicable when `keyType` is `private-keys`. + * @enum {string} + */ + signingKeyAlgorithm?: "RSA" | "EC" + } + } + } + responses: { + /** @description An array of OIDC signing keys after rotation. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + createdAt: number + /** @enum {string} */ + signingKeyAlgorithm?: "RSA" | "EC" + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetJwtCustomizer: { + parameters: { + query?: never + header?: never + path: { + /** @description The token type to get the JWT customizer for. */ + tokenTypePath: "access-token" | "client-credentials" + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The JWT customizer. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + script: string + environmentVariables?: { + [key: string]: string + } + contextSample?: { + user: { + id?: string + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description arbitrary */ + customData?: Record + identities?: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt?: number | null + createdAt?: number + updatedAt?: number + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId?: string | null + isSuspended?: boolean + hasPassword?: boolean + ssoIdentities?: { + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + }[] + mfaVerificationFactors?: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + roles?: { + id: string + name: string + description: string + scopes: { + id: string + name: string + description: string | null + resourceId: string + resource: { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + }[] + }[] + organizations?: { + id: string + name: string + description: string | null + }[] + organizationRoles?: { + organizationId: string + roleId: string + roleName: string + }[] + } + grant?: { + /** Format: "urn:ietf:params:oauth:grant-type:token-exchange" */ + type?: string + /** @description arbitrary */ + subjectTokenContext?: Record + } + interaction?: { + /** @enum {string} */ + interactionEvent?: "SignIn" | "Register" | "ForgotPassword" + userId?: string + verificationRecords?: ({ + id: string + /** Format: "Password" */ + type: string + identifier: { + type: ("username" | "email" | "phone") | "userId" + value: string + } + verified: boolean + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "EmailVerificationCode" */ + type: string + identifier: { + /** Format: "email" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "PhoneVerificationCode" */ + type: string + identifier: { + /** Format: "phone" */ + type: string + value: string + } + } | { + id: string + connectorId: string + /** Format: "Social" */ + type: string + socialUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + } | { + id: string + connectorId: string + /** Format: "EnterpriseSso" */ + type: string + enterpriseSsoUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + issuer?: string + } | { + id: string + /** Format: "Totp" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "BackupCode" */ + type: string + userId: string + code?: string + } | { + id: string + /** Format: "WebAuthn" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "OneTimeToken" */ + type: string + verified: boolean + identifier: { + /** Format: "email" */ + type: string + value: string + } + oneTimeTokenContext?: { + jitOrganizationIds?: string[] + } + } | { + id: string + /** Format: "NewPasswordIdentity" */ + type: string + identifier: { + /** @enum {string} */ + type: "username" | "email" | "phone" + value: string + } + })[] + } + } + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + accountId?: string + expiresWithSession?: boolean + grantId?: string + gty?: string + sessionUid?: string + sid?: string + /** Format: "AccessToken" */ + kind?: string + } + } | { + script: string + environmentVariables?: { + [key: string]: string + } + /** @description arbitrary */ + contextSample?: Record + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + /** Format: "ClientCredentials" */ + kind?: string + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The JWT customizer does not exist. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpsertJwtCustomizer: { + parameters: { + query?: never + header?: never + path: { + /** @description The token type to create a JWT customizer for. */ + tokenTypePath: "access-token" | "client-credentials" + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The script of the JWT customizer. */ + script?: unknown + /** @description The environment variables for the JWT customizer. */ + environmentVariables?: unknown + /** @description The sample context for the JWT customizer script testing purpose. */ + contextSample?: unknown + /** @description The sample raw token payload for the JWT customizer script testing purpose. */ + tokenSample?: unknown + } + } + } + responses: { + /** @description The updated JWT customizer. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + script: string + environmentVariables?: { + [key: string]: string + } + contextSample?: { + user: { + id?: string + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description arbitrary */ + customData?: Record + identities?: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt?: number | null + createdAt?: number + updatedAt?: number + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId?: string | null + isSuspended?: boolean + hasPassword?: boolean + ssoIdentities?: { + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + }[] + mfaVerificationFactors?: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + roles?: { + id: string + name: string + description: string + scopes: { + id: string + name: string + description: string | null + resourceId: string + resource: { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + }[] + }[] + organizations?: { + id: string + name: string + description: string | null + }[] + organizationRoles?: { + organizationId: string + roleId: string + roleName: string + }[] + } + grant?: { + /** Format: "urn:ietf:params:oauth:grant-type:token-exchange" */ + type?: string + /** @description arbitrary */ + subjectTokenContext?: Record + } + interaction?: { + /** @enum {string} */ + interactionEvent?: "SignIn" | "Register" | "ForgotPassword" + userId?: string + verificationRecords?: ({ + id: string + /** Format: "Password" */ + type: string + identifier: { + type: ("username" | "email" | "phone") | "userId" + value: string + } + verified: boolean + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "EmailVerificationCode" */ + type: string + identifier: { + /** Format: "email" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "PhoneVerificationCode" */ + type: string + identifier: { + /** Format: "phone" */ + type: string + value: string + } + } | { + id: string + connectorId: string + /** Format: "Social" */ + type: string + socialUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + } | { + id: string + connectorId: string + /** Format: "EnterpriseSso" */ + type: string + enterpriseSsoUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + issuer?: string + } | { + id: string + /** Format: "Totp" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "BackupCode" */ + type: string + userId: string + code?: string + } | { + id: string + /** Format: "WebAuthn" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "OneTimeToken" */ + type: string + verified: boolean + identifier: { + /** Format: "email" */ + type: string + value: string + } + oneTimeTokenContext?: { + jitOrganizationIds?: string[] + } + } | { + id: string + /** Format: "NewPasswordIdentity" */ + type: string + identifier: { + /** @enum {string} */ + type: "username" | "email" | "phone" + value: string + } + })[] + } + } + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + accountId?: string + expiresWithSession?: boolean + grantId?: string + gty?: string + sessionUid?: string + sid?: string + /** Format: "AccessToken" */ + kind?: string + } + } | { + script: string + environmentVariables?: { + [key: string]: string + } + /** @description arbitrary */ + contextSample?: Record + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + /** Format: "ClientCredentials" */ + kind?: string + } + } + } + } + /** @description The created JWT customizer. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + script: string + environmentVariables?: { + [key: string]: string + } + contextSample?: { + user: { + id?: string + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description arbitrary */ + customData?: Record + identities?: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt?: number | null + createdAt?: number + updatedAt?: number + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId?: string | null + isSuspended?: boolean + hasPassword?: boolean + ssoIdentities?: { + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + }[] + mfaVerificationFactors?: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + roles?: { + id: string + name: string + description: string + scopes: { + id: string + name: string + description: string | null + resourceId: string + resource: { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + }[] + }[] + organizations?: { + id: string + name: string + description: string | null + }[] + organizationRoles?: { + organizationId: string + roleId: string + roleName: string + }[] + } + grant?: { + /** Format: "urn:ietf:params:oauth:grant-type:token-exchange" */ + type?: string + /** @description arbitrary */ + subjectTokenContext?: Record + } + interaction?: { + /** @enum {string} */ + interactionEvent?: "SignIn" | "Register" | "ForgotPassword" + userId?: string + verificationRecords?: ({ + id: string + /** Format: "Password" */ + type: string + identifier: { + type: ("username" | "email" | "phone") | "userId" + value: string + } + verified: boolean + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "EmailVerificationCode" */ + type: string + identifier: { + /** Format: "email" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "PhoneVerificationCode" */ + type: string + identifier: { + /** Format: "phone" */ + type: string + value: string + } + } | { + id: string + connectorId: string + /** Format: "Social" */ + type: string + socialUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + } | { + id: string + connectorId: string + /** Format: "EnterpriseSso" */ + type: string + enterpriseSsoUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + issuer?: string + } | { + id: string + /** Format: "Totp" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "BackupCode" */ + type: string + userId: string + code?: string + } | { + id: string + /** Format: "WebAuthn" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "OneTimeToken" */ + type: string + verified: boolean + identifier: { + /** Format: "email" */ + type: string + value: string + } + oneTimeTokenContext?: { + jitOrganizationIds?: string[] + } + } | { + id: string + /** Format: "NewPasswordIdentity" */ + type: string + identifier: { + /** @enum {string} */ + type: "username" | "email" | "phone" + value: string + } + })[] + } + } + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + accountId?: string + expiresWithSession?: boolean + grantId?: string + gty?: string + sessionUid?: string + sid?: string + /** Format: "AccessToken" */ + kind?: string + } + } | { + script: string + environmentVariables?: { + [key: string]: string + } + /** @description arbitrary */ + contextSample?: Record + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + /** Format: "ClientCredentials" */ + kind?: string + } + } + } + } + /** @description The request body is invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Permission denied. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteJwtCustomizer: { + parameters: { + query?: never + header?: never + path: { + /** @description The token type path to delete the JWT customizer for. */ + tokenTypePath: "access-token" | "client-credentials" + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The JWT customizer was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The JWT customizer does not exist. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateJwtCustomizer: { + parameters: { + query?: never + header?: never + path: { + /** @description The token type to update a JWT customizer for. */ + tokenTypePath: "access-token" | "client-credentials" + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The script of the JWT customizer. */ + script?: unknown + /** @description The environment variables for the JWT customizer. */ + environmentVariables?: unknown + /** @description The sample context for the JWT customizer script testing purpose. */ + contextSample?: unknown + /** @description The sample raw token payload for the JWT customizer script testing purpose. */ + tokenSample?: unknown + } + } + } + responses: { + /** @description The updated JWT customizer. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + script: string + environmentVariables?: { + [key: string]: string + } + contextSample?: { + user: { + id?: string + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description arbitrary */ + customData?: Record + identities?: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt?: number | null + createdAt?: number + updatedAt?: number + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId?: string | null + isSuspended?: boolean + hasPassword?: boolean + ssoIdentities?: { + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + }[] + mfaVerificationFactors?: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + roles?: { + id: string + name: string + description: string + scopes: { + id: string + name: string + description: string | null + resourceId: string + resource: { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + }[] + }[] + organizations?: { + id: string + name: string + description: string | null + }[] + organizationRoles?: { + organizationId: string + roleId: string + roleName: string + }[] + } + grant?: { + /** Format: "urn:ietf:params:oauth:grant-type:token-exchange" */ + type?: string + /** @description arbitrary */ + subjectTokenContext?: Record + } + interaction?: { + /** @enum {string} */ + interactionEvent?: "SignIn" | "Register" | "ForgotPassword" + userId?: string + verificationRecords?: ({ + id: string + /** Format: "Password" */ + type: string + identifier: { + type: ("username" | "email" | "phone") | "userId" + value: string + } + verified: boolean + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "EmailVerificationCode" */ + type: string + identifier: { + /** Format: "email" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "PhoneVerificationCode" */ + type: string + identifier: { + /** Format: "phone" */ + type: string + value: string + } + } | { + id: string + connectorId: string + /** Format: "Social" */ + type: string + socialUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + } | { + id: string + connectorId: string + /** Format: "EnterpriseSso" */ + type: string + enterpriseSsoUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + issuer?: string + } | { + id: string + /** Format: "Totp" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "BackupCode" */ + type: string + userId: string + code?: string + } | { + id: string + /** Format: "WebAuthn" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "OneTimeToken" */ + type: string + verified: boolean + identifier: { + /** Format: "email" */ + type: string + value: string + } + oneTimeTokenContext?: { + jitOrganizationIds?: string[] + } + } | { + id: string + /** Format: "NewPasswordIdentity" */ + type: string + identifier: { + /** @enum {string} */ + type: "username" | "email" | "phone" + value: string + } + })[] + } + } + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + accountId?: string + expiresWithSession?: boolean + grantId?: string + gty?: string + sessionUid?: string + sid?: string + /** Format: "AccessToken" */ + kind?: string + } + } | { + script: string + environmentVariables?: { + [key: string]: string + } + /** @description arbitrary */ + contextSample?: Record + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + /** Format: "ClientCredentials" */ + kind?: string + } + } + } + } + /** @description The request body is invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListJwtCustomizers: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The JWT customizers. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": ({ + /** Format: "jwt.accessToken" */ + key: string + value: { + script: string + environmentVariables?: { + [key: string]: string + } + contextSample?: { + user: { + id?: string + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description arbitrary */ + customData?: Record + identities?: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt?: number | null + createdAt?: number + updatedAt?: number + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId?: string | null + isSuspended?: boolean + hasPassword?: boolean + ssoIdentities?: { + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + }[] + mfaVerificationFactors?: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + roles?: { + id: string + name: string + description: string + scopes: { + id: string + name: string + description: string | null + resourceId: string + resource: { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + }[] + }[] + organizations?: { + id: string + name: string + description: string | null + }[] + organizationRoles?: { + organizationId: string + roleId: string + roleName: string + }[] + } + grant?: { + /** Format: "urn:ietf:params:oauth:grant-type:token-exchange" */ + type?: string + /** @description arbitrary */ + subjectTokenContext?: Record + } + interaction?: { + /** @enum {string} */ + interactionEvent?: "SignIn" | "Register" | "ForgotPassword" + userId?: string + verificationRecords?: ({ + id: string + /** Format: "Password" */ + type: string + identifier: { + type: ("username" | "email" | "phone") | "userId" + value: string + } + verified: boolean + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "EmailVerificationCode" */ + type: string + identifier: { + /** Format: "email" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "PhoneVerificationCode" */ + type: string + identifier: { + /** Format: "phone" */ + type: string + value: string + } + } | { + id: string + connectorId: string + /** Format: "Social" */ + type: string + socialUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + } | { + id: string + connectorId: string + /** Format: "EnterpriseSso" */ + type: string + enterpriseSsoUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + issuer?: string + } | { + id: string + /** Format: "Totp" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "BackupCode" */ + type: string + userId: string + code?: string + } | { + id: string + /** Format: "WebAuthn" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "OneTimeToken" */ + type: string + verified: boolean + identifier: { + /** Format: "email" */ + type: string + value: string + } + oneTimeTokenContext?: { + jitOrganizationIds?: string[] + } + } | { + id: string + /** Format: "NewPasswordIdentity" */ + type: string + identifier: { + /** @enum {string} */ + type: "username" | "email" | "phone" + value: string + } + })[] + } + } + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + accountId?: string + expiresWithSession?: boolean + grantId?: string + gty?: string + sessionUid?: string + sid?: string + /** Format: "AccessToken" */ + kind?: string + } + } + } | { + /** Format: "jwt.clientCredentials" */ + key: string + value: { + script: string + environmentVariables?: { + [key: string]: string + } + /** @description arbitrary */ + contextSample?: Record + tokenSample?: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + /** Format: "ClientCredentials" */ + kind?: string + } + } + })[] + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + TestJwtCustomizer: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The token type to test the JWT customizer for. */ + tokenType?: unknown + payload?: { + /** @description The code snippet of the JWT customizer. */ + script?: unknown + /** @description The environment variables for the JWT customizer. */ + environmentVariables?: unknown + /** @description The sample context for the JWT customizer script testing purpose. */ + contextSample?: unknown + /** @description The sample token payload for the JWT customizer script testing purpose. */ + tokenSample?: unknown + } + } & ({ + /** Format: "access-token" */ + tokenType: string + environmentVariables?: { + [key: string]: string + } + script: string + token: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + accountId?: string + expiresWithSession?: boolean + grantId?: string + gty?: string + sessionUid?: string + sid?: string + /** Format: "AccessToken" */ + kind?: string + } + context: { + user: { + id?: string + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description arbitrary */ + customData?: Record + identities?: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt?: number | null + createdAt?: number + updatedAt?: number + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId?: string | null + isSuspended?: boolean + hasPassword?: boolean + ssoIdentities?: { + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + }[] + mfaVerificationFactors?: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + roles?: { + id: string + name: string + description: string + scopes: { + id: string + name: string + description: string | null + resourceId: string + resource: { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + }[] + }[] + organizations?: { + id: string + name: string + description: string | null + }[] + organizationRoles?: { + organizationId: string + roleId: string + roleName: string + }[] + } + grant?: { + /** Format: "urn:ietf:params:oauth:grant-type:token-exchange" */ + type?: string + /** @description arbitrary */ + subjectTokenContext?: Record + } + interaction?: { + /** @enum {string} */ + interactionEvent?: "SignIn" | "Register" | "ForgotPassword" + userId?: string + verificationRecords?: ({ + id: string + /** Format: "Password" */ + type: string + identifier: { + type: ("username" | "email" | "phone") | "userId" + value: string + } + verified: boolean + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "EmailVerificationCode" */ + type: string + identifier: { + /** Format: "email" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "PhoneVerificationCode" */ + type: string + identifier: { + /** Format: "phone" */ + type: string + value: string + } + } | { + id: string + connectorId: string + /** Format: "Social" */ + type: string + socialUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + } | { + id: string + connectorId: string + /** Format: "EnterpriseSso" */ + type: string + enterpriseSsoUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + issuer?: string + } | { + id: string + /** Format: "Totp" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "BackupCode" */ + type: string + userId: string + code?: string + } | { + id: string + /** Format: "WebAuthn" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "OneTimeToken" */ + type: string + verified: boolean + identifier: { + /** Format: "email" */ + type: string + value: string + } + oneTimeTokenContext?: { + jitOrganizationIds?: string[] + } + } | { + id: string + /** Format: "NewPasswordIdentity" */ + type: string + identifier: { + /** @enum {string} */ + type: "username" | "email" | "phone" + value: string + } + })[] + } + } + } | { + /** Format: "client-credentials" */ + tokenType: string + environmentVariables?: { + [key: string]: string + } + script: string + token: { + jti?: string + aud?: string | string[] + scope?: string + clientId?: string + /** Format: "ClientCredentials" */ + kind?: string + } + }) + } + } + responses: { + /** @description The result of the JWT customizer script testing. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": Record + } + } + /** @description Zod errors in cloud service (data type does not match expectation, can be either request body or response body). */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Cloud connection does not have enough permission to perform the action. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Syntax errors in cloud service. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListConnectors: { + parameters: { + query?: { + /** @description Filter connectors by target. */ + target?: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of connectors. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + syncProfile: boolean + enableTokenStorage: boolean + /** @description arbitrary */ + config: Record + metadata: { + target?: string + /** @description Validator function */ + name?: Record + logo?: string + logoDark?: string | null + } + connectorId: string + target: string + /** @description Validator function */ + name: Record + /** @description Validator function */ + description: Record + logo: string + logoDark: string | null + readme: string + configTemplate?: string + formItems?: ({ + /** Format: "Select" */ + type: string + selectItems: { + value: string + title: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** Format: "MultiSelect" */ + type: string + selectItems: { + value: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** @enum {string} */ + type: "Text" | "Number" | "MultilineText" | "Switch" | "Json" + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + })[] + customData?: { + [key: string]: unknown + } + fromEmail?: string + /** @enum {string|null} */ + platform: "Native" | "Universal" | "Web" | null + isStandard?: boolean + isTokenStorageSupported?: boolean + /** @enum {string} */ + type: "Email" | "Sms" | "Social" + isDemo?: boolean + extraInfo?: { + [key: string]: unknown + } + usage?: number + }[] + } + } + /** @description The target only allows one connector to exist, but there are multiple connectors with this target. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateConnector: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The connector config object that will be passed to the connector. The config object should be compatible with the connector factory. */ + config?: Record + /** @description The connector factory ID for creating the connector. */ + connectorId: string + /** @description Custom connector metadata, will be used to overwrite the default connector factory metadata. */ + metadata?: { + target?: string + /** @description Validator function */ + name?: Record + logo?: string + logoDark?: string | null + } + /** @description Whether to sync user profile from the identity provider to Logto at each sign-in. If `false`, the user profile will only be synced when the user is created. */ + syncProfile?: boolean + enableTokenStorage?: boolean + /** @description The unique ID for the connector. If not provided, a random ID will be generated. */ + id?: string + } + } + } + responses: { + /** @description The created connector. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + syncProfile: boolean + enableTokenStorage: boolean + /** @description arbitrary */ + config: Record + metadata: { + target?: string + /** @description Validator function */ + name?: Record + logo?: string + logoDark?: string | null + } + connectorId: string + target: string + /** @description Validator function */ + name: Record + /** @description Validator function */ + description: Record + logo: string + logoDark: string | null + readme: string + configTemplate?: string + formItems?: ({ + /** Format: "Select" */ + type: string + selectItems: { + value: string + title: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** Format: "MultiSelect" */ + type: string + selectItems: { + value: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** @enum {string} */ + type: "Text" | "Number" | "MultilineText" | "Switch" | "Json" + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + })[] + customData?: { + [key: string]: unknown + } + fromEmail?: string + /** @enum {string|null} */ + platform: "Native" | "Universal" | "Web" | null + isStandard?: boolean + isTokenStorageSupported?: boolean + /** @enum {string} */ + type: "Email" | "Sms" | "Social" + isDemo?: boolean + extraInfo?: { + [key: string]: unknown + } + usage?: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The tenant has reached the maximum number of connectors. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid request body. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetConnector: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + id: components["parameters"]["connectorId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The connector data. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + syncProfile: boolean + enableTokenStorage: boolean + /** @description arbitrary */ + config: Record + metadata: { + target?: string + /** @description Validator function */ + name?: Record + logo?: string + logoDark?: string | null + } + connectorId: string + target: string + /** @description Validator function */ + name: Record + /** @description Validator function */ + description: Record + logo: string + logoDark: string | null + readme: string + configTemplate?: string + formItems?: ({ + /** Format: "Select" */ + type: string + selectItems: { + value: string + title: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** Format: "MultiSelect" */ + type: string + selectItems: { + value: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** @enum {string} */ + type: "Text" | "Number" | "MultilineText" | "Switch" | "Json" + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + })[] + customData?: { + [key: string]: unknown + } + fromEmail?: string + /** @enum {string|null} */ + platform: "Native" | "Universal" | "Web" | null + isStandard?: boolean + isTokenStorageSupported?: boolean + /** @enum {string} */ + type: "Email" | "Sms" | "Social" + isDemo?: boolean + extraInfo?: { + [key: string]: unknown + } + usage?: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteConnector: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + id: components["parameters"]["connectorId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The connector has been successfully deleted. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateConnector: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + id: components["parameters"]["connectorId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The connector config object that will be passed to the connector. The config object should be compatible with the connector factory. */ + config?: Record + /** @description Custom connector metadata, will be used to overwrite the default connector metadata. */ + metadata?: { + target?: string + /** @description Validator function */ + name?: Record + logo?: string + logoDark?: string | null + } + /** @description Whether to sync user profile from the identity provider to Logto at each sign-in. If `false`, the user profile will only be synced when the user is created. */ + syncProfile?: boolean + enableTokenStorage?: boolean + } + } + } + responses: { + /** @description The updated connector. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + syncProfile: boolean + enableTokenStorage: boolean + /** @description arbitrary */ + config: Record + metadata: { + target?: string + /** @description Validator function */ + name?: Record + logo?: string + logoDark?: string | null + } + connectorId: string + target: string + /** @description Validator function */ + name: Record + /** @description Validator function */ + description: Record + logo: string + logoDark: string | null + readme: string + configTemplate?: string + formItems?: ({ + /** Format: "Select" */ + type: string + selectItems: { + value: string + title: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** Format: "MultiSelect" */ + type: string + selectItems: { + value: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** @enum {string} */ + type: "Text" | "Number" | "MultilineText" | "Switch" | "Json" + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + })[] + customData?: { + [key: string]: unknown + } + fromEmail?: string + /** @enum {string|null} */ + platform: "Native" | "Universal" | "Web" | null + isStandard?: boolean + isTokenStorageSupported?: boolean + /** @enum {string} */ + type: "Email" | "Sms" | "Social" + isDemo?: boolean + extraInfo?: { + [key: string]: unknown + } + usage?: number + } + } + } + /** @description Invalid request body. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Patch operation triggered a connector conflict. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateConnectorTest: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the factory. */ + factoryId: components["parameters"]["factoryId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * Format: regex + * @description Phone number to send test message to. If this is set, email will be ignored. + */ + phone?: string + /** + * Format: regex + * @description Email address to send test message to. If phone is set, this will be ignored. + */ + email?: string + /** @description Connector configuration object for testing. */ + config: Record + /** @description Preferred language for the message. If not set, the default language will be used. (Applicable only when custom i18n templates are configured.) */ + locale?: string + } + } + } + responses: { + /** @description Test message was sent successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid request body (e.g. wrong phone number, email or config). */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateConnectorAuthorizationUri: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description A random string generated on the client side to prevent CSRF (Cross-Site Request Forgery) attacks. */ + state: string + /** @description The URI to navigate back to after the user is authenticated by the connected social identity provider and has granted access to the connector. */ + redirectUri: string + } + } + } + responses: { + /** @description Successfully built authorization URI. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** Format: url */ + redirectTo: string + /** @description The URI to navigate for authentication and authorization in the connected social identity provider. */ + redirectUri?: unknown + } + } + } + /** @description Unable to build authorization URI. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector with the specified ID does not exist. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListConnectorFactories: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of connector factories. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @enum {string} */ + type: "Email" | "Sms" | "Social" + isDemo?: boolean + id: string + target: string + /** @description Validator function */ + name: Record + /** @description Validator function */ + description: Record + logo: string + logoDark: string | null + readme: string + configTemplate?: string + formItems?: ({ + /** Format: "Select" */ + type: string + selectItems: { + value: string + title: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** Format: "MultiSelect" */ + type: string + selectItems: { + value: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** @enum {string} */ + type: "Text" | "Number" | "MultilineText" | "Switch" | "Json" + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + })[] + customData?: { + [key: string]: unknown + } + fromEmail?: string + /** @enum {string|null} */ + platform: "Native" | "Universal" | "Web" | null + isStandard?: boolean + isTokenStorageSupported?: boolean + }[] + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetConnectorFactory: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector factory. */ + id: components["parameters"]["connectorFactoryId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Connector factory data. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @enum {string} */ + type: "Email" | "Sms" | "Social" + isDemo?: boolean + id: string + target: string + /** @description Validator function */ + name: Record + /** @description Validator function */ + description: Record + logo: string + logoDark: string | null + readme: string + configTemplate?: string + formItems?: ({ + /** Format: "Select" */ + type: string + selectItems: { + value: string + title: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** Format: "MultiSelect" */ + type: string + selectItems: { + value: string + }[] + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + } | { + /** @enum {string} */ + type: "Text" | "Number" | "MultilineText" | "Switch" | "Json" + key: string + label: string + placeholder?: string + required?: boolean + /** @example {} */ + defaultValue?: unknown + showConditions?: { + targetKey: string + /** @example {} */ + expectValue?: unknown + }[] + description?: string + tooltip?: string + isConfidential?: boolean + isDevFeature?: boolean + })[] + customData?: { + [key: string]: unknown + } + fromEmail?: string + /** @enum {string|null} */ + platform: "Native" | "Universal" | "Web" | null + isStandard?: boolean + isTokenStorageSupported?: boolean + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector factory not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListResources: { + parameters: { + query?: { + /** @description If it's provided with a truthy value (`true`, `1`, `yes`), the scopes of each resource will be included in the response. */ + includeScopes?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of resources. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + scopes?: { + tenantId: string + id: string + resourceId: string + name: string + description: string | null + createdAt: number + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateResource: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description The name of the resource. */ + name: string + /** @description The unique resource indicator. Should be a valid URI. */ + indicator: string + /** + * @description The access token TTL in seconds. It affects the `exp` claim of the access token granted for this resource. + * @default 3600 + */ + accessTokenTtl?: number + } + } + } + responses: { + /** @description The created resource. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + scopes?: { + tenantId: string + id: string + resourceId: string + name: string + description: string | null + createdAt: number + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetResource: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the resource. */ + id: components["parameters"]["resourceId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The requested resource. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteResource: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the resource. */ + id: components["parameters"]["resourceId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The resource was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateResource: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the resource. */ + id: components["parameters"]["resourceId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description The updated name of the resource. */ + name?: string + /** @description The updated access token TTL in seconds. */ + accessTokenTtl?: number + } + } + } + responses: { + /** @description The updated resource. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateResourceIsDefault: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the resource. */ + id: components["parameters"]["resourceId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The updated value of the `isDefault` property. */ + isDefault: boolean + } + } + } + responses: { + /** @description The updated resource. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListResourceScopes: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path: { + /** @description The unique identifier of the resource. */ + resourceId: components["parameters"]["resourceId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of scopes for the requested resource. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + resourceId: string + name: string + description: string | null + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateResourceScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the resource. */ + resourceId: components["parameters"]["resourceId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The name of the scope. It should be unique for the resource. */ + name: string + description?: string | null + } + } + } + responses: { + /** @description The created scope. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + resourceId: string + name: string + description: string | null + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteResourceScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the resource. */ + resourceId: components["parameters"]["resourceId"] + /** @description The unique identifier of the scope. */ + scopeId: components["parameters"]["scopeId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The scope was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateResourceScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the resource. */ + resourceId: components["parameters"]["resourceId"] + /** @description The unique identifier of the scope. */ + scopeId: components["parameters"]["scopeId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The updated name of the scope. It should be unique for the resource. */ + name?: string + description?: string | null + } + } + } + responses: { + /** @description The updated scope. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + resourceId: string + name: string + description: string | null + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSignInExp: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Default sign-in experience settings. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + /** @description The primary branding color for the sign-in page (both light/dark mode). */ + color: { + /** Format: regex */ + primaryColor: string + isDarkModeEnabled: boolean + /** Format: regex */ + darkPrimaryColor: string + } + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + /** @description The language detection policy for the sign-in page. */ + languageInfo: { + autoDetect: boolean + /** @enum {string} */ + fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR" + } + termsOfUseUrl: string | null + privacyPolicyUrl: string | null + /** @enum {string} */ + agreeToTermsPolicy: "Automatic" | "ManualRegistrationOnly" | "Manual" + /** @description Sign-in method settings. */ + signIn: { + methods: { + /** @enum {string} */ + identifier: "username" | "email" | "phone" + password: boolean + verificationCode: boolean + isPasswordPrimary: boolean + }[] + } + /** @description Sign-up method settings. */ + signUp: { + /** @description Allowed identifiers when signing-up. */ + identifiers: ("username" | "email" | "phone")[] + /** @description Whether the user is required to set a password when signing-up. */ + password: boolean + /** @description Whether the user is required to verify their email/phone when signing-up. */ + verify: boolean + /** @description Additional identifiers required during sign-up. Once specified, users will be prompted to provide these identifiers when creating an account. */ + secondaryIdentifiers?: { + identifier: ("username" | "email" | "phone") | "emailOrPhone" + verify?: boolean + }[] + } + socialSignIn: { + automaticAccountLinking?: boolean + } + /** @description Enabled social sign-in connectors, will displayed on the sign-in page. */ + socialSignInConnectorTargets: string[] + /** @enum {string} */ + signInMode: "SignIn" | "Register" | "SignInAndRegister" + customCss: string | null + /** @description Custom content to display on experience flow pages. the page pathname will be the config key, the content will be the config value. */ + customContent: { + [key: string]: string + } + customUiAssets: { + id: string + createdAt: number + } | null + /** @description Password policies to adjust the password strength requirements. */ + passwordPolicy: { + /** @default {} */ + length: { + /** @default 8 */ + min: number + /** @default 256 */ + max: number + } + /** @default {} */ + characterTypes: { + /** @default 1 */ + min: number + } + /** @default {} */ + rejects: { + /** @default true */ + pwned: boolean + /** @default true */ + repetitionAndSequence: boolean + /** @default true */ + userInfo: boolean + /** @default [] */ + words: string[] + } + } + /** @description MFA settings */ + mfa: { + factors: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + /** @enum {string} */ + policy: "UserControlled" | "Mandatory" | "PromptOnlyAtSignIn" | "PromptAtSignInAndSignUp" | "NoPrompt" + /** @enum {string} */ + organizationRequiredMfaPolicy?: "NoPrompt" | "Mandatory" + } + singleSignOnEnabled: boolean + /** @description The support email address to display on the error pages. */ + supportEmail: string | null + /** @description The support website URL to display on the error pages. */ + supportWebsiteUrl: string | null + /** @description The fallback URL to redirect users when the sign-in session does not exist or unknown. Client should initiates a new authentication flow after the redirection. */ + unknownSessionRedirectUrl: string | null + captchaPolicy: { + enabled?: boolean + } + /** @description Custom sentinel policy settings. Use this field to customize the user lockout policy. The default value is 100 failed attempts within one hour. The user will be locked out for 60 minutes after exceeding the limit. */ + sentinelPolicy: { + maxAttempts?: number + lockoutDuration?: number + } + /** @description Define email restriction policies. Users will be prohibited from registering or linking any email addresses that are included in the blocklist. */ + emailBlocklistPolicy: { + blockDisposableAddresses?: boolean + /** @description Whether to block sub-addresses. (E.g., example+shopping@test.com) */ + blockSubaddressing?: boolean + /** @description Custom blocklist of email addresses or domains. */ + customBlocklist?: string[] + /** @description Cloud only. Whether to block disposable email addresses. Once enabled, Logto will check the email domain against a list of known disposable email domains. If the domain is found in the list, the email address will be blocked. */ + blockDisposableAddress?: unknown + } + forgotPasswordMethods: ("EmailVerificationCode" | "PhoneVerificationCode")[] | null + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Default sign-in experience settings not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateSignInExp: { + parameters: { + query?: { + /** @description Whether to remove unused demo social connectors. (These demo social connectors are only used during cloud user onboarding) */ + removeUnusedDemoSocialConnector?: string + } + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description Specify the primary branding color for the sign-in page (both light/dark mode). */ + color?: { + /** Format: regex */ + primaryColor: string + isDarkModeEnabled: boolean + /** Format: regex */ + darkPrimaryColor: string + } + branding?: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + /** @description Control the language detection policy for the sign-in page. */ + languageInfo?: { + autoDetect: boolean + /** @enum {string} */ + fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR" + } + /** @enum {string} */ + agreeToTermsPolicy?: "Automatic" | "ManualRegistrationOnly" | "Manual" + /** @description Sign-in method settings */ + signIn?: { + methods: { + /** @enum {string} */ + identifier: "username" | "email" | "phone" + password: boolean + verificationCode: boolean + isPasswordPrimary: boolean + }[] + } + /** @description Sign-up method settings */ + signUp?: { + /** @description Specify allowed identifiers when signing-up. */ + identifiers: ("username" | "email" | "phone")[] + /** @description Whether the user is required to set a password when signing-up. */ + password: boolean + /** @description Whether the user is required to verify their email/phone when signing-up. */ + verify: boolean + secondaryIdentifiers?: { + identifier: ("username" | "email" | "phone") | "emailOrPhone" + verify?: boolean + }[] + } + socialSignIn?: { + automaticAccountLinking?: boolean + } + /** @description Specify the social sign-in connectors to display on the sign-in page. */ + socialSignInConnectorTargets?: string[] + /** @enum {string} */ + signInMode?: "SignIn" | "Register" | "SignInAndRegister" + customCss?: string | null + /** @description Custom content to display on experience flow pages. the page pathname will be the config key, the content will be the config value. */ + customContent?: { + [key: string]: string + } + customUiAssets?: { + id: string + createdAt: number + } | null + /** @description Password policies to adjust the password strength requirements. */ + passwordPolicy?: { + /** @default {} */ + length?: { + /** @default 8 */ + min: number + /** @default 256 */ + max: number + } + /** @default {} */ + characterTypes?: { + /** @default 1 */ + min: number + } + /** @default {} */ + rejects?: { + /** @default true */ + pwned: boolean + /** @default true */ + repetitionAndSequence: boolean + /** @default true */ + userInfo: boolean + /** @default [] */ + words: string[] + } + } + /** @description MFA settings */ + mfa?: { + factors: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + /** @enum {string} */ + policy: "UserControlled" | "Mandatory" | "PromptOnlyAtSignIn" | "PromptAtSignInAndSignUp" | "NoPrompt" + /** @enum {string} */ + organizationRequiredMfaPolicy?: "NoPrompt" | "Mandatory" + } + singleSignOnEnabled?: boolean + captchaPolicy?: { + enabled?: boolean + } + /** @description Custom sentinel policy settings. Use this field to customize the user lockout policy. The default value is 100 failed attempts within one hour. The user will be locked out for 60 minutes after exceeding the limit. */ + sentinelPolicy?: { + maxAttempts?: number + lockoutDuration?: number + } + /** @description Define email restriction policies. Users will be prohibited from registering or linking any email addresses that are included in the blocklist. */ + emailBlocklistPolicy?: { + blockDisposableAddresses?: boolean + /** @description Whether to block sub-addresses. (E.g., example+shopping@test.com) */ + blockSubaddressing?: boolean + /** @description Custom blocklist of email addresses or domains. */ + customBlocklist?: string[] + /** @description Cloud only. Whether to block disposable email addresses. Once enabled, Logto will check the email domain against a list of known disposable email domains. If the domain is found in the list, the email address will be blocked. */ + blockDisposableAddress?: unknown + } + forgotPasswordMethods?: ("EmailVerificationCode" | "PhoneVerificationCode")[] | null + termsOfUseUrl?: (string | null) | string + privacyPolicyUrl?: (string | null) | string + /** @description The support email address to display on the error pages. */ + supportEmail?: (string | null) | string + /** @description The support website URL to display on the error pages. */ + supportWebsiteUrl?: (string | null) | string + /** @description The fallback URL to redirect users when the sign-in session does not exist or unknown. Client should initiate a new authentication flow after the redirection. */ + unknownSessionRedirectUrl?: (string | null) | string + } + } + } + responses: { + /** @description Updated default sign-in experience settings. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + color: { + /** Format: regex */ + primaryColor: string + isDarkModeEnabled: boolean + /** Format: regex */ + darkPrimaryColor: string + } + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + languageInfo: { + autoDetect: boolean + /** @enum {string} */ + fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR" + } + termsOfUseUrl: string | null + privacyPolicyUrl: string | null + /** @enum {string} */ + agreeToTermsPolicy: "Automatic" | "ManualRegistrationOnly" | "Manual" + signIn: { + methods: { + /** @enum {string} */ + identifier: "username" | "email" | "phone" + password: boolean + verificationCode: boolean + isPasswordPrimary: boolean + }[] + } + signUp: { + identifiers: ("username" | "email" | "phone")[] + password: boolean + verify: boolean + secondaryIdentifiers?: { + identifier: ("username" | "email" | "phone") | "emailOrPhone" + verify?: boolean + }[] + } + socialSignIn: { + automaticAccountLinking?: boolean + } + socialSignInConnectorTargets: string[] + /** @enum {string} */ + signInMode: "SignIn" | "Register" | "SignInAndRegister" + customCss: string | null + customContent: { + [key: string]: string + } + customUiAssets: { + id: string + createdAt: number + } | null + passwordPolicy: { + /** @default {} */ + length: { + /** @default 8 */ + min: number + /** @default 256 */ + max: number + } + /** @default {} */ + characterTypes: { + /** @default 1 */ + min: number + } + /** @default {} */ + rejects: { + /** @default true */ + pwned: boolean + /** @default true */ + repetitionAndSequence: boolean + /** @default true */ + userInfo: boolean + /** @default [] */ + words: string[] + } + } + mfa: { + factors: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + /** @enum {string} */ + policy: "UserControlled" | "Mandatory" | "PromptOnlyAtSignIn" | "PromptAtSignInAndSignUp" | "NoPrompt" + /** @enum {string} */ + organizationRequiredMfaPolicy?: "NoPrompt" | "Mandatory" + } + singleSignOnEnabled: boolean + supportEmail: string | null + supportWebsiteUrl: string | null + unknownSessionRedirectUrl: string | null + captchaPolicy: { + enabled?: boolean + } + sentinelPolicy: { + maxAttempts?: number + lockoutDuration?: number + } + emailBlocklistPolicy: { + blockDisposableAddresses?: boolean + blockSubaddressing?: boolean + customBlocklist?: string[] + } + forgotPasswordMethods: ("EmailVerificationCode" | "PhoneVerificationCode")[] | null + } + } + } + /** @description Bad request. Invalid data provided. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Default sign-in experience settings not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Entity. Invalid data provided. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CheckPasswordWithDefaultSignInExperience: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The password to check. */ + password: string + /** @description The user ID to check the password for. It is required if rejects user info is enabled in the password policy. */ + userId?: string + } + } + } + responses: { + /** @description The password meets the password policy. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** Format: true */ + result: boolean + } | { + /** Format: false */ + result: boolean + issues: { + code: string + interpolation?: { + [key: string]: unknown + } + }[] + } + } + } + /** @description The password does not meet the password policy or no user ID provided. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UploadCustomUiAssets: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: { + content: { + "multipart/form-data": { + /** @description The zip file containing custom web assets such as HTML, CSS, and JavaScript files. */ + file?: unknown + } + } + } + responses: { + /** @description An JSON object containing the custom UI assets ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + customUiAssetId: string + } + } + } + /** @description Bad request. The request body is invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Failed to unzip or upload the custom UI assets to storage provider. */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetUser: { + parameters: { + query?: { + /** @description If it's provided with a truthy value (`true`, `1`, `yes`), each user in the response will include a `ssoIdentities` property containing a list of SSO identities associated with the user. */ + includeSsoIdentities?: string + } + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description User data for the given ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + hasPassword?: boolean + /** @description List of SSO identities associated with the user. Only available when the `includeSsoIdentities` query parameter is provided with a truthy value. */ + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteUser: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description User deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateUser: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description Updated username for the user. It should be unique across all users. */ + username?: string | null + /** @description Updated primary email address for the user. It should be unique across all users. */ + primaryEmail?: string | null + /** @description Updated primary phone number for the user. It should be unique across all users. */ + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description Custom data object to update for the given user ID. Note this will replace the entire custom data object. + * + * If you want to perform a partial update, use the `PATCH /api/users/{userId}/custom-data` endpoint instead. */ + customData?: Record + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + } + } + } + responses: { + /** @description Updated user data for the given ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListUserCustomData: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Custom data in JSON for the given user ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": Record + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateUserCustomData: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description Partial custom data object to update for the given user ID. */ + customData: Record + } + } + } + responses: { + /** @description Updated custom data in JSON for the given user ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": Record + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateUserProfile: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description Partial profile object to update for the given user ID. */ + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + } + } + } + responses: { + /** @description Updated profile in JSON for the given user ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListUsers: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of users that match the given criteria. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateUser: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * Format: regex + * @description Primary phone number for the user. It should be unique across all users. + */ + primaryPhone?: string + /** + * Format: regex + * @description Primary email address for the user. It should be unique across all users. + */ + primaryEmail?: string + /** + * Format: regex + * @description Username for the user. It should be unique across all users. + */ + username?: string + /** @description Plain text password for the user. */ + password?: string + /** @description In case you already have the password digests and not the passwords, you can use them for the newly created user via this property. The value should be generated with one of the supported algorithms. The algorithm can be specified using the `passwordAlgorithm` property. */ + passwordDigest?: string + /** + * @description The hash algorithm used for the password. It should be one of the supported algorithms: argon2, md5, sha1, sha256. Should the encryption algorithm differ from argon2, it will automatically be upgraded to argon2 upon the user's next sign-in. + * @enum {string} + */ + passwordAlgorithm?: "Argon2i" | "Argon2id" | "Argon2d" | "SHA1" | "SHA256" | "MD5" | "Bcrypt" | "Legacy" + name?: string + avatar?: string | null + /** @description arbitrary */ + customData?: Record + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + } + } + } + responses: { + /** @description User data for the newly created user. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateUserPassword: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description New password for the user. */ + password: string + } + } + } + responses: { + /** @description User password updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyUserPassword: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description Password to verify. */ + password: string + } + } + } + responses: { + /** @description User password matches. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description User password does not match. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetUserHasPassword: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The result of the check. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + hasPassword: boolean + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateUserIsSuspended: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description New suspension status for the user. */ + isSuspended: boolean + } + } + } + responses: { + /** @description User suspension status updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListUserRoles: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of API resource roles assigned to the user. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string + /** @enum {string} */ + type: "User" | "MachineToMachine" + isDefault: boolean + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceUserRoles: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of API resource role IDs to assign. */ + roleIds: string[] + } + } + } + responses: { + /** @description The API resource roles has been updated for the user successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AssignUserRoles: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of API resource role IDs to assign. */ + roleIds: string[] + } + } + } + responses: { + /** @description The API resource roles has been assigned to the user. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteUserRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + /** @description The unique identifier of the role. */ + roleId: components["parameters"]["roleId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The API resource role has been removed from the user. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetUserIdentity: { + parameters: { + query?: { + /** @description Whether to include the token secret in the response. Defaults to false. Token storage must be supported and enabled by the connector to return the token secret. */ + includeTokenSecret?: string + } + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + target: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Returns the user's social identity and associated token storage. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The user's social identity. */ + identity: { + userId: string + /** @description arbitrary */ + details?: Record + } + /** @description The desensitized token set secret associated with the user's social identity. + * This field is included only if the `includeTokenSecret` query parameter is provided and the corresponding connector has token storage enabled. */ + tokenSecret?: { + tenantId: string + id: string + userId: string + /** Format: "federated_token_set" */ + type: string + metadata: { + scope?: string + expiresAt?: number + tokenType?: string + hasRefreshToken: boolean + } + createdAt: number + updatedAt: number + connectorId: string + identityId: string + target: string + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description User social identity not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceUserIdentity: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + target: string + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The user's social identity ID. */ + userId: string + /** @description The user's social identity details. */ + details?: Record + } + } + } + responses: { + /** @description The identity is updated. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + } + } + /** @description The identity is created. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteUserIdentity: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + target: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The identity is deleted from the user. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateUserIdentity: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The Logto connector ID. */ + connectorId: string + /** @description A json object constructed from the url query params returned by the social platform. Typically it contains `code`, `state` and `redirectUri` fields. */ + connectorData: { + [key: string]: unknown + } + } + } + } + responses: { + /** @description A new identity is linked to the user. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListUserOrganizations: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of organizations that the user is a member of. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @description arbitrary */ + customData: Record + isMfaRequired: boolean + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt: number + organizationRoles: { + id: string + name: string + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListUserMfaVerifications: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of MFA verifications for the user. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + createdAt: string + /** @enum {string} */ + type: "Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode" + agent?: string + name?: string + remainCodes?: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateUserMfaVerification: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: "Totp" */ + type: string + secret?: string + } | { + /** Format: "BackupCode" */ + type: string + codes?: string[] + } | { + /** @description The type of MFA verification to create. */ + type: string + /** @description The secret for the MFA verification, if not provided, a new secret will be generated. */ + secret?: string + } | { + /** @description The type of MFA verification to create. */ + type: string + /** @description The backup codes for the MFA verification, if not provided, a new group of backup codes will be generated. */ + codes?: string[] + } + } + } + responses: { + /** @description The MFA verification that was created. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** Format: "Totp" */ + type: string + secret: string + secretQrCode: string + } | { + /** Format: "BackupCode" */ + type: string + codes: string[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteUserMfaVerification: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + /** @description The unique identifier of the verification. */ + verificationId: components["parameters"]["verificationId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The MFA verification was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListUserPersonalAccessTokens: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of personal access tokens. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + userId: string + name: string + value: string + createdAt: number + expiresAt: number | null + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateUserPersonalAccessToken: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The personal access token name. Must be unique within the user. */ + name: string + /** @description The epoch time in milliseconds when the token will expire. If not provided, the token will never expire. */ + expiresAt?: number | null + } + } + } + responses: { + /** @description The personal access token was added successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + userId: string + name: string + value: string + createdAt: number + expiresAt: number | null + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The personal access token name is already in use. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteUserPersonalAccessToken: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + /** @description The name of the token. */ + name: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The token was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateUserPersonalAccessToken: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + /** @description The name of the token. */ + name: string + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The token name to update. Must be unique within the user. */ + name: string + } + } + } + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + userId: string + name: string + value: string + createdAt: number + expiresAt: number | null + } + } + } + /** @description The token was updated successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetUserSsoIdentity: { + parameters: { + query?: { + /** @description Whether to include the token secret in the response. Defaults to false. Token storage must be supported and enabled by the connector to return the token secret. */ + includeTokenSecret?: string + } + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + /** @description The unique identifier of the sso connector. */ + ssoConnectorId: components["parameters"]["ssoConnectorId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Returns the user's enterprise SSO identity and associated token secret. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The user's enterprise SSO identity. */ + ssoIdentity: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + } + /** @description The desensitized token set secret associated with the user's SSO identity. + * This field is included only if the `includeTokenSecret` query parameter is provided and the corresponding connector has token storage enabled. */ + tokenSecret?: { + tenantId: string + id: string + userId: string + /** Format: "federated_token_set" */ + type: string + metadata: { + scope?: string + expiresAt?: number + tokenType?: string + hasRefreshToken: boolean + } + createdAt: number + updatedAt: number + ssoConnectorId: string + issuer: string + identityId: string + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description User enterprise SSO identity not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListUserAllIdentities: { + parameters: { + query?: { + /** @description Whether to include the token secret in the response. Defaults to false. Token storage must be supported and enabled by the connector to return the token secret. */ + includeTokenSecret?: string + } + header?: never + path: { + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Returns the user's social identities, enterprise SSO identities and associated token secret. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The user's social identities. */ + socialIdentities: { + identity: { + userId: string + /** @description arbitrary */ + details?: Record + } + tokenSecret?: { + tenantId: string + id: string + userId: string + /** Format: "federated_token_set" */ + type: string + metadata: { + scope?: string + expiresAt?: number + tokenType?: string + hasRefreshToken: boolean + } + createdAt: number + updatedAt: number + connectorId: string + identityId: string + target: string + } + target: string + }[] + /** @description The user's enterprise SSO identities. */ + ssoIdentities: { + ssoIdentity: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + } + tokenSecret?: { + tenantId: string + id: string + userId: string + /** Format: "federated_token_set" */ + type: string + metadata: { + scope?: string + expiresAt?: number + tokenType?: string + hasRefreshToken: boolean + } + createdAt: number + updatedAt: number + ssoConnectorId: string + issuer: string + identityId: string + } + ssoConnectorId: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description User not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListLogs: { + parameters: { + query?: { + /** @description Filter logs by user ID. */ + userId?: string + /** @description Filter logs by application ID. */ + applicationId?: string + /** @description Filter logs by log key. */ + logKey?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of logs that match the given query. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + key: string + payload: { + key: string + /** @enum {string} */ + result: "Success" | "Error" + error?: { + [key: string]: unknown + } | string + ip?: string + userAgent?: string + userId?: string + applicationId?: string + sessionId?: string + params?: { + [key: string]: unknown + } + } + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetLog: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the log. */ + id: components["parameters"]["logId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Log details. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + key: string + payload: { + key: string + /** @enum {string} */ + result: "Success" | "Error" + error?: { + [key: string]: unknown + } | string + ip?: string + userAgent?: string + userId?: string + applicationId?: string + sessionId?: string + params?: { + [key: string]: unknown + } + } + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Log not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListRoles: { + parameters: { + query?: { + /** @description Exclude roles assigned to a user. */ + excludeUserId?: string + /** @description Exclude roles assigned to an application. */ + excludeApplicationId?: string + /** @description Filter by role type. */ + type?: "User" | "MachineToMachine" + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of roles matching the filters. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string + /** @enum {string} */ + type: "User" | "MachineToMachine" + isDefault: boolean + usersCount: number + featuredUsers: { + id: string + avatar: string | null + name: string | null + }[] + applicationsCount: number + featuredApplications: { + id: string + name: string + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateRole: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description The name of the role. It should be unique within the tenant. */ + name: string + description: string + /** + * @description The type of the role. It cannot be changed after creation. + * @enum {string} + */ + type?: "User" | "MachineToMachine" + isDefault?: boolean + /** @description The initial API resource scopes assigned to the role. */ + scopeIds?: string[] + } + } + } + responses: { + /** @description The created role. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string + /** @enum {string} */ + type: "User" | "MachineToMachine" + isDefault: boolean + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Details of the role. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string + /** @enum {string} */ + type: "User" | "MachineToMachine" + isDefault: boolean + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The role was deleted. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The name of the role. It should be unique within the tenant. */ + name?: string + description?: string + isDefault?: boolean + } + } + } + responses: { + /** @description The updated role. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string + /** @enum {string} */ + type: "User" | "MachineToMachine" + isDefault: boolean + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListRoleUsers: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of users who have the role assigned. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateRoleUser: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of user IDs to be assigned. */ + userIds: string[] + } + } + } + responses: { + /** @description The role was assigned to the users successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteRoleUser: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The role was removed from the user. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListRoleApplications: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of applications that have the role assigned. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + secret: string + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + oidcClientMetadata: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + protectedAppMetadata: { + host: string + origin: string + sessionDuration: number + pageRules: { + path: string + }[] + customDomains?: { + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + cloudflareData: { + id: string + status: string + ssl: { + status: string + validation_errors?: { + message: string + }[] + } + verification_errors?: string[] + } | null + }[] + } | null + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + }[] + } + } + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateRoleApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of application IDs to be assigned. */ + applicationIds: string[] + } + } + } + responses: { + /** @description The role was assigned to the applications successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteRoleApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The role was removed from the application. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListRoleScopes: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + /** @description Search query parameters. */ + search_params?: { + [key: string]: string + } + } + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of API resource scopes linked with the role. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + resourceId: string + name: string + description: string | null + createdAt: number + resource: { + tenantId: string + id: string + name: string + indicator: string + isDefault: boolean + accessTokenTtl: number + } + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateRoleScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of API resource scope IDs to be linked. */ + scopeIds: string[] + } + } + } + responses: { + /** @description The role was linked to the scopes successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Created */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + resourceId: string + name: string + description: string | null + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteRoleScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the role. */ + id: components["parameters"]["roleId-root"] + /** @description The unique identifier of the scope. */ + scopeId: components["parameters"]["scopeId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The API resource scope was unlinked from the role. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetTotalUserCount: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Total user count. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + totalUserCount: number + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetNewUserCounts: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description New user count. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + today: { + count: number + delta: number + } + last7Days: { + count: number + delta: number + } + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetActiveUserCounts: { + parameters: { + query?: { + /** @description The date to get active user data. */ + date?: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Active user data object. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + dauCurve: { + date: string + count: number + }[] + dau: { + count: number + delta: number + } + wau: { + count: number + delta: number + } + mau: { + count: number + delta: number + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListCustomPhrases: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description An array of custom phrases. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + languageTag: string + translation: components["schemas"]["TranslationObject"] + }[] + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetCustomPhrase: { + parameters: { + query?: never + header?: never + path: { + languageTag: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR" + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Custom phrases for the specified language tag. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + languageTag: string + translation: components["schemas"]["TranslationObject"] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Custom phrases not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceCustomPhrase: { + parameters: { + query?: never + header?: never + path: { + languageTag: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR" + } + cookie?: never + } + requestBody: { + content: { + /** @example { + * "phraseKey1": "new value1", + * "phraseKey2": "new value2" + * } */ + "application/json": components["schemas"]["TranslationObject"] + } + } + responses: { + /** @description Custom phrases created or updated successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + languageTag: string + translation: components["schemas"]["TranslationObject"] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid translation structure. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteCustomPhrase: { + parameters: { + query?: never + header?: never + path: { + languageTag: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR" + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Custom phrases deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Custom phrases not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Cannot delete the default language. */ + 409: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListHooks: { + parameters: { + query?: { + /** @description Whether to include execution stats in the response. */ + includeExecutionStats?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of hooks. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string|null} */ + event: "PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated" | null + events: ("PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated")[] + config: { + url: string + headers?: { + [key: string]: string + } + retries?: number + } + signingKey: string + enabled: boolean + createdAt: number + executionStats?: { + successCount: number + requestCount: number + } + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateHook: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description The name of the hook. */ + name?: string + /** + * @deprecated + * @description Use `events` instead. + * @enum {string} + */ + event?: "PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated" + /** @description An array of hook events. */ + events?: ("PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated")[] + config: { + url: string + headers?: { + [key: string]: string + } + /** + * @deprecated + * @description Now the retry times is fixed to 3. Keep for backward compatibility. + */ + retries?: number + } + enabled?: boolean + createdAt?: number + } + } + } + responses: { + /** @description The hook was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string|null} */ + event: "PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated" | null + events: ("PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated")[] + config: { + url: string + headers?: { + [key: string]: string + } + retries?: number + } + signingKey: string + enabled: boolean + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetHook: { + parameters: { + query?: { + /** @description Whether to include execution stats in the response. */ + includeExecutionStats?: string + } + header?: never + path: { + /** @description The unique identifier of the hook. */ + id: components["parameters"]["hookId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Details of the hook. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string|null} */ + event: "PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated" | null + events: ("PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated")[] + config: { + url: string + headers?: { + [key: string]: string + } + retries?: number + } + signingKey: string + enabled: boolean + createdAt: number + executionStats?: { + successCount: number + requestCount: number + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteHook: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the hook. */ + id: components["parameters"]["hookId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The hook was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateHook: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the hook. */ + id: components["parameters"]["hookId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description The updated name of the hook. */ + name?: string + /** + * @deprecated + * @description Use `events` instead. + * @enum {string|null} + */ + event?: "PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated" | null + /** @description An array of updated hook events. */ + events?: ("PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated")[] + config?: { + url: string + headers?: { + [key: string]: string + } + /** + * @deprecated + * @description Now the retry times is fixed to 3. Keep for backward compatibility. + */ + retries?: number + } + enabled?: boolean + createdAt?: number + } + } + } + responses: { + /** @description The hook was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string|null} */ + event: "PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated" | null + events: ("PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated")[] + config: { + url: string + headers?: { + [key: string]: string + } + retries?: number + } + signingKey: string + enabled: boolean + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListHookRecentLogs: { + parameters: { + query?: { + /** @description The log key to filter logs. */ + logKey?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the hook. */ + id: components["parameters"]["hookId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of recent logs for the hook. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + key: string + payload: { + key: string + /** @enum {string} */ + result: "Success" | "Error" + error?: { + [key: string]: unknown + } | string + ip?: string + userAgent?: string + userId?: string + applicationId?: string + sessionId?: string + params?: { + [key: string]: unknown + } + } + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateHookTest: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the hook. */ + id: components["parameters"]["hookId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of hook events for testing. */ + events: ("PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated")[] + /** @description The hook configuration for testing. */ + config: { + url: string + headers?: { + [key: string]: string + } + /** + * @deprecated + * @description Now the retry times is fixed to 3. Keep for backward compatibility. + */ + retries?: number + } + /** + * @deprecated + * @description Use `events` instead. + */ + event?: unknown + } + } + } + responses: { + /** @description The hook test was successful. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateHookSigningKey: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the hook. */ + id: components["parameters"]["hookId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The signing key for the hook was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string|null} */ + event: "PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated" | null + events: ("PostRegister" | "PostSignIn" | "PostResetPassword" | "User.Created" | "User.Deleted" | "User.Data.Updated" | "User.SuspensionStatus.Updated" | "Role.Created" | "Role.Deleted" | "Role.Data.Updated" | "Role.Scopes.Updated" | "Scope.Created" | "Scope.Deleted" | "Scope.Data.Updated" | "Organization.Created" | "Organization.Deleted" | "Organization.Data.Updated" | "Organization.Membership.Updated" | "OrganizationRole.Created" | "OrganizationRole.Deleted" | "OrganizationRole.Data.Updated" | "OrganizationRole.Scopes.Updated" | "OrganizationScope.Created" | "OrganizationScope.Deleted" | "OrganizationScope.Data.Updated")[] + config: { + url: string + headers?: { + [key: string]: string + } + retries?: number + } + signingKey: string + enabled: boolean + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateVerificationCode: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: regex */ + email: string + } | { + /** Format: regex */ + phone: string + } + } + } + responses: { + /** @description Verification code requested and sent successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad request. The payload may be invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Implemented */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyVerificationCode: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: regex */ + email: string + verificationCode: string + } | { + /** Format: regex */ + phone: string + verificationCode: string + } + } + } + responses: { + /** @description Verification code verified successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad request. The payload may be invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetUserAssetServiceStatus: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description An object containing the service status and metadata. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + status: string + allowUploadMimeTypes?: ("image/jpeg" | "image/png" | "image/gif" | "image/vnd.microsoft.icon" | "image/x-icon" | "image/svg+xml" | "image/tiff" | "image/webp" | "image/bmp" | "application/zip")[] + maxUploadFileSize?: number + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateUserAsset: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: { + content: { + "multipart/form-data": { + /** @description The file asset to upload. */ + file?: unknown + } + } + } + responses: { + /** @description An object containing the uploaded asset metadata. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + url: string + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListDomains: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of domains. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + }[] + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateDomain: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The domain name, e.g. `example.com`. */ + domain: string + } + } + } + responses: { + /** @description The domain was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Validation error. Please check the request body. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetDomain: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the domain. */ + id: components["parameters"]["domainId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Details of the domain. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The domain with the specified ID was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteDomain: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the domain. */ + id: components["parameters"]["domainId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The domain was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The domain with the specified ID was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetOrganizationRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Details of the organization role. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "User" | "MachineToMachine" + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The organization role was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateOrganizationRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + id?: string + /** @description The updated name of the organization role. It must be unique within the organization template. */ + name?: string + /** @description The updated description of the organization role. */ + description?: string | null + /** @enum {string} */ + type?: "User" | "MachineToMachine" + } + } + } + responses: { + /** @description The organization role was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "User" | "MachineToMachine" + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The organization role name is already in use. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationRoles: { + parameters: { + query?: { + q?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of organization roles. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "User" | "MachineToMachine" + scopes: { + id: string + name: string + }[] + resourceScopes: { + id: string + name: string + resource: { + id: string + name: string + } + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationRole: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description The name of the organization role. It must be unique within the organization template. */ + name: string + /** @description The description of the organization role. */ + description?: string | null + /** @enum {string} */ + type?: "User" | "MachineToMachine" + /** + * @description An array of organization scope IDs to be assigned to the organization role. + * @default [] + */ + organizationScopeIds: string[] + /** + * @description An array of resource scope IDs to be assigned to the organization role. + * @default [] + */ + resourceScopeIds: string[] + } + } + } + responses: { + /** @description The organization role was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "User" | "MachineToMachine" + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The organization role name is already in use. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationRoleScopes: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of organization scopes. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationRoleScopes: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of organization scope IDs to replace existing scopes. */ + organizationScopeIds: string[] + } + } + } + responses: { + /** @description Organization scopes were replaced successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one of the IDs provided is invalid. For example, the organization scope ID does not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationRoleScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of organization scope IDs to be assigned. Existed scope IDs assignments will be ignored. */ + organizationScopeIds: string[] + } + } + } + responses: { + /** @description Organization scopes were assigned successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one of the IDs provided is invalid. For example, the organization scope ID does not exist; */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationRoleScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + /** @description The unique identifier of the organization scope. */ + organizationScopeId: components["parameters"]["organizationScopeId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Organization scope assignment was removed successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationRoleResourceScopes: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of resource scopes. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + resourceId: string + name: string + description: string | null + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationRoleResourceScopes: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of resource scope IDs to replace existing scopes. */ + scopeIds: string[] + } + } + } + responses: { + /** @description Resource scopes were replaced successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one of the IDs provided is invalid. For example, the resource scope ID does not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationRoleResourceScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of resource scope IDs to be assigned. Existed scope IDs assignments will be ignored. */ + scopeIds: string[] + } + } + } + responses: { + /** @description Resource scopes were assigned successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one of the IDs provided is invalid. For example, the resource scope ID does not exist; */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationRoleResourceScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization role. */ + id: components["parameters"]["organizationRoleId-root"] + /** @description The unique identifier of the scope. */ + scopeId: components["parameters"]["scopeId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Resource scope assignment was removed successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationScopes: { + parameters: { + query?: { + q?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of organization scopes. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationScope: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description The name of the organization scope. It must be unique within the organization template. */ + name: string + /** @description The description of the organization scope. */ + description?: string | null + } + } + } + responses: { + /** @description The organization scope was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The organization scope name is already in use. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetOrganizationScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization scope. */ + id: components["parameters"]["organizationScopeId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The organization scope data for the given ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization scope. */ + id: components["parameters"]["organizationScopeId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The organization scope was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateOrganizationScope: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization scope. */ + id: components["parameters"]["organizationScopeId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + id?: string + /** @description The updated name of the organization scope. It must be unique within the organization template. */ + name?: string + /** @description The updated description of the organization scope. */ + description?: string | null + } + } + } + responses: { + /** @description The organization scope was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The organization scope name is already in use. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetOrganizationInvitation: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization invitation. */ + id: components["parameters"]["organizationInvitationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The organization invitation, also contains the organization roles to be assigned to the user when they accept the invitation. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + inviterId: string | null + invitee: string + acceptedUserId: string | null + organizationId: string + /** @enum {string} */ + status: "Pending" | "Accepted" | "Expired" | "Revoked" + createdAt: number + updatedAt: number + expiresAt: number + organizationRoles: { + id: string + name: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationInvitation: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization invitation. */ + id: components["parameters"]["organizationInvitationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The organization invitation was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationInvitations: { + parameters: { + query?: { + organizationId?: string + inviterId?: string + invitee?: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of organization invitations, each item also contains the organization roles to be assigned to the user when they accept the invitation. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + inviterId: string | null + invitee: string + acceptedUserId: string | null + organizationId: string + /** @enum {string} */ + status: "Pending" | "Accepted" | "Expired" | "Revoked" + createdAt: number + updatedAt: number + expiresAt: number + organizationRoles: { + id: string + name: string + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationInvitation: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + /** @description The organization invitation to create. */ + requestBody: { + content: { + "application/json": { + /** @description The ID of the user who is inviting the user to join the organization. */ + inviterId?: string | null + /** + * Format: email + * @description The email address of the user to invite to join the organization. + */ + invitee: string + /** @description The ID of the organization to invite the user to join. */ + organizationId: string + /** @description The epoch time in milliseconds when the invitation expires. */ + expiresAt: number + /** @description The IDs of the organization roles to assign to the user when they accept the invitation. */ + organizationRoleIds?: string[] + /** + * @description The message payload for the "OrganizationInvitation" template to use when sending the invitation via email. If it is `false`, the invitation will not be sent via email. + * @default false + */ + messagePayload: { + code?: string + link?: string + locale?: string + } | boolean + } + } + } + responses: { + /** @description The organization invitation was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + inviterId: string | null + invitee: string + acceptedUserId: string | null + organizationId: string + /** @enum {string} */ + status: "Pending" | "Accepted" | "Expired" | "Revoked" + createdAt: number + updatedAt: number + expiresAt: number + organizationRoles: { + id: string + name: string + }[] + } + } + } + /** @description The organization invitation could not be created. This can happen if the input is invalid or if the expiration date is in the past. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description No email connector is configured for the tenant. */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationInvitationMessage: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization invitation. */ + id: components["parameters"]["organizationInvitationId-root"] + } + cookie?: never + } + /** @description The message payload for the "OrganizationInvitation" template to use when sending the invitation via email. */ + requestBody: { + content: { + "application/json": { + code?: string + link?: string + locale?: string + } + } + } + responses: { + /** @description The invitation message was resent successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationInvitationStatus: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization invitation. */ + id: components["parameters"]["organizationInvitationId-root"] + } + cookie?: never + } + /** @description The organization invitation status to update. */ + requestBody: { + content: { + "application/json": { + /** @description The ID of the user who accepted the organization invitation. Required if the status is "Accepted". */ + acceptedUserId?: string | null + /** + * @description The status of the organization invitation. + * @enum {string} + */ + status: "Accepted" | "Revoked" + } + } + } + responses: { + /** @description The organization invitation status was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + inviterId: string | null + invitee: string + acceptedUserId: string | null + organizationId: string + /** @enum {string} */ + status: "Pending" | "Accepted" | "Expired" | "Revoked" + createdAt: number + updatedAt: number + expiresAt: number + organizationRoles: { + id: string + name: string + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The organization invitation status could not be updated. This can happen if the current status is not "Pending" or if the status is "Accepted" and the accepted user ID is not provided. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizations: { + parameters: { + query?: { + /** @description The query to filter organizations. It can be a partial ID or name. + * + * If not provided, all organizations will be returned. */ + q?: string + /** @description Whether to show featured users in the organization. Featured users are randomly selected from the organization members. + * + * If not provided, `featuredUsers` will not be included in the response. */ + showFeatured?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of organizations. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @description arbitrary */ + customData: Record + isMfaRequired: boolean + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt: number + usersCount?: number + featuredUsers?: { + id: string + avatar: string | null + name: string | null + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganization: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + /** @description The name of the organization. */ + name: string + /** @description The description of the organization. */ + description?: string | null + /** @description arbitrary */ + customData?: Record + isMfaRequired?: boolean + branding?: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt?: number + } + } + } + responses: { + /** @description The organization was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @description arbitrary */ + customData: Record + isMfaRequired: boolean + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetOrganization: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Details of the organization. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @description arbitrary */ + customData: Record + isMfaRequired: boolean + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganization: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The organization was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateOrganization: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + tenantId?: string + id?: string + /** @description The updated name of the organization. */ + name?: string + /** @description The updated description of the organization. */ + description?: string | null + /** @description arbitrary */ + customData?: Record + isMfaRequired?: boolean + branding?: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt?: number + } + } + } + responses: { + /** @description The organization was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @description arbitrary */ + customData: Record + isMfaRequired: boolean + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationUsers: { + parameters: { + query?: { + /** @description The query to filter users. It will match multiple fields of users, including ID, name, username, email, and phone number. + * + * If not provided, all users will be returned. */ + q?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of users that are members of the organization. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + username: string | null + primaryEmail: string | null + primaryPhone: string | null + name: string | null + avatar: string | null + /** @description arbitrary */ + customData: Record + identities: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt: number | null + createdAt: number + updatedAt: number + profile: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId: string | null + isSuspended: boolean + organizationRoles: { + id: string + name: string + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationUsers: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of user IDs to replace existing users. */ + userIds: string[] + } + } + } + responses: { + /** @description Successfully replaced all users for the organization. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one of the IDs provided is not valid. For example, the organization ID or user ID does not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AddOrganizationUsers: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of user IDs to be added to the organization. Organization existed users assignment will be ignored. */ + userIds: string[] + } + } + } + responses: { + /** @description Users were added to the organization successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one of the IDs provided is not valid. For example, the organization ID or user ID does not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationUser: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The user was removed from the organization members successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is not a member of the organization. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AssignOrganizationRolesToUsers: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of user IDs to assign roles. */ + userIds: string[] + /** @description An array of organization role IDs to assign. User existed roles assignment will be ignored. */ + organizationRoleIds: string[] + } + } + } + responses: { + /** @description Roles were assigned to organization users successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one of the IDs provided is not valid. For example, the organization ID, user ID, or organization role ID does not exist; the user is not a member of the organization; or the role type is not assignable to the user. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationUserRoles: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of roles assigned to the user. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "User" | "MachineToMachine" + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is not a member of the organization. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationUserRoles: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of organization role IDs to update for the user. */ + organizationRoleIds?: string[] + /** @description An array of organization role names to update for the user. */ + organizationRoleNames?: string[] + } + } + } + responses: { + /** @description Roles were updated for the user successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is not a member of the organization; or at least one of the IDs provided is not valid. For example, the organization ID or organization role ID does not exist; or at least one of the role names provided is not valid. For example, the organization role name does not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AssignOrganizationRolesToUser: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of organization role IDs to assign to the user. User existed roles assignment will be ignored. */ + organizationRoleIds?: string[] + /** @description An array of organization role names to assign to the user. User existed roles assignment will be ignored. */ + organizationRoleNames?: string[] + } + } + } + responses: { + /** @description Roles were assigned to the user successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is not a member of the organization; or at least one of the IDs provided is not valid. For example, the organization ID or organization role ID does not exist; or at least one of the role names provided is not valid. For example, the organization role name does not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationUserRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + /** @description The unique identifier of the organization role. */ + organizationRoleId: components["parameters"]["organizationRoleId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The role was removed from the user successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Cannot find the record to delete. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is not a member of the organization. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationUserScopes: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the user. */ + userId: components["parameters"]["userId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of scopes assigned to the user. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is not a member of the organization. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationApplications: { + parameters: { + query?: { + q?: string + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of applications. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + secret: components["schemas"]["ApplicationLegacySecret"] + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + oidcClientMetadata: { + redirectUris: (Record | Record)[] + postLogoutRedirectUris: string[] + /** Format: url */ + backchannelLogoutUri?: string + backchannelLogoutSessionRequired?: boolean + logoUri?: string + } + customClientMetadata: { + corsAllowedOrigins?: string[] + idTokenTtl?: number + refreshTokenTtl?: number + refreshTokenTtlInDays?: number + tenantId?: string + alwaysIssueRefreshToken?: boolean + rotateRefreshToken?: boolean + } + protectedAppMetadata: { + host: string + origin: string + sessionDuration: number + pageRules: { + path: string + }[] + customDomains?: { + domain: string + /** @enum {string} */ + status: "PendingVerification" | "PendingSsl" | "Active" | "Error" + errorMessage: string | null + dnsRecords: { + name: string + type: string + value: string + }[] + cloudflareData: { + id: string + status: string + ssl: { + status: string + validation_errors?: { + message: string + }[] + } + verification_errors?: string[] + } | null + }[] + } | null + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + organizationRoles: { + id: string + name: string + }[] + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationApplications: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of application IDs to replace existing applications. */ + applicationIds: string[] + } + } + } + responses: { + /** @description The applications were replaced successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The applications could not be replaced. Some of the applications may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AddOrganizationApplications: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The application IDs to add. */ + applicationIds: string[] + } + } + } + responses: { + /** @description The application was added successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application could not be added. Some of the applications may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The application was removed from the organization successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AssignOrganizationRolesToApplications: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of application IDs to assign roles to. */ + applicationIds: string[] + /** @description An array of organization role IDs to assign to the applications. */ + organizationRoleIds: string[] + } + } + } + responses: { + /** @description Roles were assigned to the applications successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At least one of the IDs provided is not valid. For example, the organization ID, application ID, or organization role ID does not exist; the application is not a member of the organization; or the role type is not assignable to the application. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationApplicationRoles: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of roles. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "User" | "MachineToMachine" + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationApplicationRoles: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of role IDs to replace existing roles. */ + organizationRoleIds: string[] + } + } + } + responses: { + /** @description The roles were replaced successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The roles could not be replaced. Some of the roles may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AssignOrganizationRolesToApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The role ID to add. */ + organizationRoleIds: string[] + } + } + } + responses: { + /** @description The role was added successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The role could not be added. Some of the roles may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationApplicationRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the application. */ + applicationId: components["parameters"]["applicationId"] + /** @description The unique identifier of the organization role. */ + organizationRoleId: components["parameters"]["organizationRoleId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The role was removed from the application in the organization successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Cannot find the record to delete. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The application is not associated with the organization. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationJitEmailDomains: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of email domains. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + organizationId: string + emailDomain: string + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationJitEmailDomains: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of email domains to replace existing email domains. */ + emailDomains: string[] + } + } + } + responses: { + /** @description The email domains were replaced successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationJitEmailDomain: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The email domain to add. */ + emailDomain: string + } + } + } + responses: { + /** @description The email domain was added successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + organizationId: string + emailDomain: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The email domain is already in use. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationJitEmailDomain: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The email domain to remove. */ + emailDomain: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The email domain was removed successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The email domain was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationJitRoles: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of organization roles. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "User" | "MachineToMachine" + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationJitRoles: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of organization role IDs to replace existing organization roles. */ + organizationRoleIds: string[] + } + } + } + responses: { + /** @description The organization roles were replaced successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The organization roles could not be replaced. Some of the organization roles may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationJitRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The organization role IDs to add. */ + organizationRoleIds: string[] + } + } + } + responses: { + /** @description The organization roles were added successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The organization roles could not be added. Some of the organization roles may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationJitRole: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the organization role. */ + organizationRoleId: components["parameters"]["organizationRoleId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The organization role was removed successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The organization role could not be removed. The organization role may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOrganizationJitSsoConnectors: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of SSO connectors. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + providerName: string + connectorName: string + /** @description arbitrary */ + config: Record + domains: string[] + branding: { + displayName?: string + logo?: string + darkLogo?: string + } + syncProfile: boolean + enableTokenStorage: boolean + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOrganizationJitSsoConnectors: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description An array of SSO connector IDs to replace existing SSO connectors. */ + ssoConnectorIds: string[] + } + } + } + responses: { + /** @description The SSO connectors were replaced successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SSO connectors could not be replaced. Some of the SSO connectors may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateOrganizationJitSsoConnector: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The SSO connector IDs to add. */ + ssoConnectorIds: string[] + } + } + } + responses: { + /** @description The SSO connectors were added successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SSO connectors could not be added. Some of the SSO connectors may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOrganizationJitSsoConnector: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the organization. */ + id: components["parameters"]["organizationId-root"] + /** @description The unique identifier of the sso connector. */ + ssoConnectorId: components["parameters"]["ssoConnectorId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The SSO connector was removed successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SSO connector could not be removed. The SSO connector may not exist. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListSsoConnectorProviders: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of SSO provider data. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @enum {string} */ + providerName: "OIDC" | "SAML" | "AzureAD" | "GoogleWorkspace" | "Okta" | "AzureAdOidc" + /** @enum {string} */ + providerType: "oidc" | "saml" + logo: string + logoDark: string + description: string + name: string + }[] + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListSsoConnectors: { + parameters: { + query?: { + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of SSO connectors. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + /** @enum {string} */ + providerName: "OIDC" | "SAML" | "AzureAD" | "GoogleWorkspace" | "Okta" | "AzureAdOidc" + connectorName: string + /** @description arbitrary */ + config: Record + domains: string[] + branding: { + displayName?: string + logo?: string + darkLogo?: string + } + syncProfile: boolean + enableTokenStorage: boolean + createdAt: number + name: string + /** @enum {string} */ + providerType: "oidc" | "saml" + providerLogo: string + providerLogoDark: string + providerConfig?: { + [key: string]: unknown + } + }[] + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateSsoConnector: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description arbitrary */ + config?: Record + domains?: string[] + branding?: { + displayName?: string + logo?: string + darkLogo?: string + } + syncProfile?: boolean + enableTokenStorage?: boolean + providerName: string + connectorName: string + } + } + } + responses: { + /** @description The created SSO connector. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + providerName: string + connectorName: string + /** @description arbitrary */ + config: Record + domains: string[] + branding: { + displayName?: string + logo?: string + darkLogo?: string + } + syncProfile: boolean + enableTokenStorage: boolean + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Conflict */ + 409: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At lease one of the given input fields is invalid or IdP connection cannot be verified with the given config. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSsoConnector: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the sso connector. */ + id: components["parameters"]["ssoConnectorId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The SSO connector data with the given ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + /** @enum {string} */ + providerName: "OIDC" | "SAML" | "AzureAD" | "GoogleWorkspace" | "Okta" | "AzureAdOidc" + connectorName: string + /** @description arbitrary */ + config: Record + domains: string[] + branding: { + displayName?: string + logo?: string + darkLogo?: string + } + syncProfile: boolean + enableTokenStorage: boolean + createdAt: number + name: string + /** @enum {string} */ + providerType: "oidc" | "saml" + providerLogo: string + providerLogoDark: string + providerConfig?: { + [key: string]: unknown + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description SSO connector not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteSsoConnector: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the sso connector. */ + id: components["parameters"]["ssoConnectorId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description SSO connector deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description SSO connector not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateSsoConnector: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the sso connector. */ + id: components["parameters"]["ssoConnectorId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description arbitrary */ + config?: Record + domains?: string[] + branding?: { + displayName?: string + logo?: string + darkLogo?: string + } + syncProfile?: boolean + connectorName?: string + enableTokenStorage?: boolean + } + } + } + responses: { + /** @description The updated SSO connector. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + /** @enum {string} */ + providerName: "OIDC" | "SAML" | "AzureAD" | "GoogleWorkspace" | "Okta" | "AzureAdOidc" + connectorName: string + /** @description arbitrary */ + config: Record + domains: string[] + branding: { + displayName?: string + logo?: string + darkLogo?: string + } + syncProfile: boolean + enableTokenStorage: boolean + createdAt: number + name: string + /** @enum {string} */ + providerType: "oidc" | "saml" + providerLogo: string + providerLogoDark: string + providerConfig?: { + [key: string]: unknown + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description SSO connector not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Conflict */ + 409: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description At lease one of the update fields is invalid or IdP connection can not be verified with the given connection config. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSystemApplicationConfig: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The application constants. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + protectedApps: { + defaultDomain: string + } + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Implemented */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateSubjectToken: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The ID of the user to impersonate. */ + userId: string + /** @description The additional context to be included in the token, this can be used in custom JWT. */ + context?: Record + } + } + } + responses: { + /** @description The subject token has been created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + subjectToken: string + expiresIn: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user does not exist. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetAccountCenterSettings: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Account center settings. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + enabled: boolean + fields: { + /** @enum {string} */ + name?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + avatar?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + profile?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + email?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + phone?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + password?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + username?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + social?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + customData?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + mfa?: "Off" | "ReadOnly" | "Edit" + } + webauthnRelatedOrigins: string[] + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateAccountCenterSettings: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description Enable or disable the account API. */ + enabled?: boolean + /** @description The fields settings for the account API. */ + fields?: { + /** @enum {string} */ + name?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + avatar?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + profile?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + email?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + phone?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + password?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + username?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + social?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + customData?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + mfa?: "Off" | "ReadOnly" | "Edit" + } + /** @description The allowed domains for webauthn. */ + webauthnRelatedOrigins?: string[] + } + } + } + responses: { + /** @description Updated account center settings. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + enabled: boolean + fields: { + /** @enum {string} */ + name?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + avatar?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + profile?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + email?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + phone?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + password?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + username?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + social?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + customData?: "Off" | "ReadOnly" | "Edit" + /** @enum {string} */ + mfa?: "Off" | "ReadOnly" | "Edit" + } + webauthnRelatedOrigins: string[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateSamlApplication: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The name of the SAML application. */ + name: string + /** @description Optional description of the SAML application. */ + description?: string | null + /** @description Optional custom data for the application. */ + customData?: Record + attributeMapping?: { + sub?: string + name?: string + given_name?: string + family_name?: string + middle_name?: string + nickname?: string + preferred_username?: string + profile?: string + picture?: string + website?: string + email?: string + email_verified?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + phone_number?: string + phone_number_verified?: string + address?: string + updated_at?: string + username?: string + roles?: string + organizations?: string + organization_data?: string + organization_roles?: string + custom_data?: string + identities?: string + sso_identities?: string + created_at?: string + } + entityId?: string | null + /** @description The Assertion Consumer Service (ACS) URL where the SAML response will be sent. */ + acsUrl?: string | null + /** @description Validator function */ + encryption?: Record | null + /** + * @default urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + * @enum {string} + */ + nameIdFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" | "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + } + } + } + responses: { + /** @description The SAML application was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + attributeMapping: { + sub?: string + name?: string + given_name?: string + family_name?: string + middle_name?: string + nickname?: string + preferred_username?: string + profile?: string + picture?: string + website?: string + email?: string + email_verified?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + phone_number?: string + phone_number_verified?: string + address?: string + updated_at?: string + username?: string + roles?: string + organizations?: string + organization_data?: string + organization_roles?: string + custom_data?: string + identities?: string + sso_identities?: string + created_at?: string + } + entityId: string | null + acsUrl: { + /** @enum {string} */ + binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" | "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + /** Format: url */ + url: string + } | null + /** @description Validator function */ + encryption: Record | null + /** @enum {string} */ + nameIdFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" | "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + } + } + } + /** @description Invalid request body. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Validation error. The ACS URL is invalid or other validation errors. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSamlApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The ID of the SAML application. */ + id: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The SAML application details. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + attributeMapping: { + sub?: string + name?: string + given_name?: string + family_name?: string + middle_name?: string + nickname?: string + preferred_username?: string + profile?: string + picture?: string + website?: string + email?: string + email_verified?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + phone_number?: string + phone_number_verified?: string + address?: string + updated_at?: string + username?: string + roles?: string + organizations?: string + organization_data?: string + organization_roles?: string + custom_data?: string + identities?: string + sso_identities?: string + created_at?: string + } + entityId: string | null + acsUrl: { + /** @enum {string} */ + binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" | "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + /** Format: url */ + url: string + } | null + /** @description Validator function */ + encryption: Record | null + /** @enum {string} */ + nameIdFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" | "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteSamlApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the saml application. */ + id: components["parameters"]["samlApplicationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The SAML application was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The specified application is not a SAML application. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateSamlApplication: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the saml application. */ + id: components["parameters"]["samlApplicationId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The name of the SAML application. */ + name?: string + /** @description Description of the SAML application. */ + description?: string | null + /** @description Custom data for the application. */ + customData?: Record + attributeMapping?: { + sub?: string + name?: string + given_name?: string + family_name?: string + middle_name?: string + nickname?: string + preferred_username?: string + profile?: string + picture?: string + website?: string + email?: string + email_verified?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + phone_number?: string + phone_number_verified?: string + address?: string + updated_at?: string + username?: string + roles?: string + organizations?: string + organization_data?: string + organization_roles?: string + custom_data?: string + identities?: string + sso_identities?: string + created_at?: string + } + entityId?: string | null + /** @description The Assertion Consumer Service (ACS) URL. */ + acsUrl?: string | null + /** @description Validator function */ + encryption?: Record | null + /** @enum {string} */ + nameIdFormat?: "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" | "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + } + } + } + responses: { + /** @description The SAML application was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + description: string | null + /** @enum {string} */ + type: "Native" | "SPA" | "Traditional" | "MachineToMachine" | "Protected" | "SAML" + /** @description arbitrary */ + customData: Record + isThirdParty: boolean + createdAt: number + attributeMapping: { + sub?: string + name?: string + given_name?: string + family_name?: string + middle_name?: string + nickname?: string + preferred_username?: string + profile?: string + picture?: string + website?: string + email?: string + email_verified?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + phone_number?: string + phone_number_verified?: string + address?: string + updated_at?: string + username?: string + roles?: string + organizations?: string + organization_data?: string + organization_roles?: string + custom_data?: string + identities?: string + sso_identities?: string + created_at?: string + } + entityId: string | null + acsUrl: { + /** @enum {string} */ + binding: "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" | "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" + /** Format: url */ + url: string + } | null + /** @description Validator function */ + encryption: Record | null + /** @enum {string} */ + nameIdFormat: "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" | "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" | "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" | "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Validation error. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListSamlApplicationSecrets: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the saml application. */ + id: components["parameters"]["samlApplicationId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of signing certificates. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The ID of the signing certificate. */ + id: string + /** @description The X.509 certificate in PEM format. */ + certificate: string + createdAt: number + /** + * Format: date-time + * @description The expiration time of the certificate. + */ + expiresAt: string + active: boolean + fingerprints: { + sha256: { + formatted: string + unformatted: string + } + } + /** @description The SHA-256 fingerprint of the certificate. */ + fingerprint?: string + /** @description Whether this certificate is currently active. */ + isActive?: boolean + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateSamlApplicationSecret: { + parameters: { + query?: never + header?: never + path: { + /** @description The ID of the SAML application. */ + id: string + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The lifetime of the certificate in years (minimum 1 year). */ + lifeSpanInYears: number + } + } + } + responses: { + /** @description The signing certificate was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + certificate: string + createdAt: number + expiresAt: number + active: boolean + fingerprints: { + sha256: { + formatted: string + unformatted: string + } + } + } + } + } + /** @description Invalid request body. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteSamlApplicationSecret: { + parameters: { + query?: never + header?: never + path: { + /** @description The ID of the SAML application. */ + id: string + /** @description The unique identifier of the secret. */ + secretId: components["parameters"]["secretId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The signing certificate was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Cannot delete an active certificate. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application or certificate was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateSamlApplicationSecret: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the saml application. */ + id: components["parameters"]["samlApplicationId-root"] + /** @description The unique identifier of the secret. */ + secretId: components["parameters"]["secretId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description Whether the certificate is active. */ + active: boolean + } + } + } + responses: { + /** @description The signing certificate was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + certificate: string + createdAt: number + expiresAt: number + active: boolean + fingerprints: { + sha256: { + formatted: string + unformatted: string + } + } + } + } + } + /** @description Invalid request body. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application or certificate was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListEmailTemplates: { + parameters: { + query?: { + /** @description The language tag of the email template, e.g., `en` or `fr`. */ + languageTag?: string + /** @description The type of the email template, e.g. `SignIn` or `ForgotPassword` */ + templateType?: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The list of matched email templates. Returns empty list, if no email template is found. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + languageTag: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + details: { + subject: string + content: string + contentType?: string + replyTo?: string + sendFrom?: string + } + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceEmailTemplates: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + templates: { + /** @description The language tag of the email template, e.g., `en` or `fr`. */ + languageTag: string + /** + * @description The type of the email template, e.g. `SignIn` or `ForgotPassword` + * @enum {string} + */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + /** @description The details of the email template. */ + details: { + /** @description The template of the email subject. */ + subject: string + /** @description The template of the email body. */ + content: string + /** @description The content type of the email body. (Only required by some specific email providers.) */ + contentType?: string + /** @description The reply name template of the email. If not provided, the target email address will be used. (The render logic may differ based on the email provider.) */ + replyTo?: string + /** @description The send from name template of the email. If not provided, the default Logto email address will be used. (The render logic may differ based on the email provider.) */ + sendFrom?: string + } + }[] + } + } + } + responses: { + /** @description The list of newly created or replaced email templates. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + languageTag: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + details: { + subject: string + content: string + contentType?: string + replyTo?: string + sendFrom?: string + } + createdAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteEmailTemplates: { + parameters: { + query?: { + /** @description The language tag of the email template, e.g., `en` or `fr`. */ + languageTag?: string + /** @description The type of the email template, e.g. `SignIn` or `ForgotPassword` */ + templateType?: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The email templates were deleted successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The number of email templates deleted. */ + rowCount: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description No filter query parameters were provided. This bulk deletion API requires at least one filter query parameter. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetEmailTemplate: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the email template. */ + id: components["parameters"]["emailTemplateId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The email template. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + languageTag: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + details: { + subject: string + content: string + contentType?: string + replyTo?: string + sendFrom?: string + } + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The email template was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteEmailTemplate: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the email template. */ + id: components["parameters"]["emailTemplateId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The email template was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The email template was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateEmailTemplateDetails: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the email template. */ + id: components["parameters"]["emailTemplateId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The template of the email subject. */ + subject?: string + /** @description The template of the email body. */ + content?: string + /** @description The content type of the email body. (Only required by some specific email providers.) */ + contentType?: string + /** @description The reply name template of the email. If not provided, the target email address will be used. (The render logic may differ based on the email provider.) */ + replyTo?: string + /** @description The send from name template of the email. If not provided, the default Logto email address will be used. (The render logic may differ based on the email provider.) */ + sendFrom?: string + } + } + } + responses: { + /** @description The updated email template. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + languageTag: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + details: { + subject: string + content: string + contentType?: string + replyTo?: string + sendFrom?: string + } + createdAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The email template was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListOneTimeTokens: { + parameters: { + query?: { + /** @description Filter one-time tokens by email address. */ + email?: string + /** @description Filter one-time tokens by status. */ + status?: "active" | "consumed" | "revoked" | "expired" + /** @description Page number (starts from 1). */ + page?: number + /** @description Entries per page. */ + page_size?: number + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description A list of one-time tokens. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + email: string + token: string + context: { + jitOrganizationIds?: string[] + } + /** @enum {string} */ + status: "active" | "consumed" | "revoked" | "expired" + createdAt: number + expiresAt: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AddOneTimeTokens: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The email address to associate with the one-time token. */ + email: string + /** @description Additional context to store with the one-time token. This can be used to store arbitrary data that will be associated with the token. */ + context?: { + jitOrganizationIds?: string[] + } + /** @description The expiration time in seconds. If not provided, defaults to 2 days (172,800 seconds). */ + expiresIn?: number + } + } + } + responses: { + /** @description The one-time token was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + email: string + token: string + context: { + jitOrganizationIds?: string[] + } + /** @enum {string} */ + status: "active" | "consumed" | "revoked" | "expired" + createdAt: number + expiresAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetOneTimeToken: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the one time token. */ + id: components["parameters"]["oneTimeTokenId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The one-time token found by ID. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + email: string + token: string + context: { + jitOrganizationIds?: string[] + } + /** @enum {string} */ + status: "active" | "consumed" | "revoked" | "expired" + createdAt: number + expiresAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteOneTimeToken: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the one time token. */ + id: components["parameters"]["oneTimeTokenId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The one-time token was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyOneTimeToken: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The one-time token to verify. */ + token: string + /** @description The email address associated with the one-time token. */ + email: string + } + } + } + responses: { + /** @description The one-time token was verified successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + email: string + token: string + context: { + jitOrganizationIds?: string[] + } + /** @enum {string} */ + status: "active" | "consumed" | "revoked" | "expired" + createdAt: number + expiresAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ReplaceOneTimeTokenStatus: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the one time token. */ + id: components["parameters"]["oneTimeTokenId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * @description The new status of the one-time token. + * @enum {string} + */ + status: "active" | "consumed" | "revoked" | "expired" + } + } + } + responses: { + /** @description The one-time token status was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + email: string + token: string + context: { + jitOrganizationIds?: string[] + } + /** @enum {string} */ + status: "active" | "consumed" | "revoked" | "expired" + createdAt: number + expiresAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetCaptchaProvider: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Captcha provider. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + config: { + /** Format: "Turnstile" */ + type: string + siteKey: string + secretKey: string + } | { + /** Format: "RecaptchaEnterprise" */ + type: string + siteKey: string + secretKey: string + projectId: string + } + createdAt: number + updatedAt: number + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Captcha provider not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateCaptchaProvider: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The captcha provider config. */ + config: { + /** Format: "Turnstile" */ + type: string + siteKey: string + secretKey: string + } | { + /** Format: "RecaptchaEnterprise" */ + type: string + siteKey: string + secretKey: string + projectId: string + } + } + } + } + responses: { + /** @description Updated captcha provider. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + config: { + /** Format: "Turnstile" */ + type: string + siteKey: string + secretKey: string + } | { + /** Format: "RecaptchaEnterprise" */ + type: string + siteKey: string + secretKey: string + projectId: string + } + createdAt: number + updatedAt: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteCaptchaProvider: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Captcha provider deleted. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteSentinelActivities: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @enum {string} */ + targetType: "User" | "App" + targets: string[] + } + } + } + responses: { + /** @description Activities deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListCustomProfileFields: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Custom profile fields ordered by sieOrder (Sign-in Experience order). */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label: string + description: string | null + required: boolean + config: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + parts?: { + enabled: boolean + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + }[] + } + createdAt: number + sieOrder: number + }[] + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateCustomProfileField: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + name: string + /** Format: "Text" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + } + } | { + name: string + /** Format: "Number" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minValue?: number + maxValue?: number + } + } | { + name: string + /** Format: "Date" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + format: string + customFormat?: string + } + } | { + name: string + /** Format: "Checkbox" */ + type: string + label?: string + /** Format: false */ + required: boolean + config?: { + defaultValue: string + } + } | { + name: string + /** Format: "Select" */ + type: string + label?: string + description?: string + required: boolean + config: { + placeholder?: string + options: { + label?: string + value: string + }[] + } + } | { + name: string + /** Format: "Url" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + } + } | { + name: string + /** Format: "Regex" */ + type: string + label?: string + description?: string + required: boolean + config: { + placeholder?: string + format: string + } + } | { + name: string + /** Format: "Address" */ + type: string + label?: string + description?: string + required: boolean + config: { + parts: { + enabled: boolean + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + /** @enum {string} */ + name: "formatted" | "streetAddress" | "locality" | "region" | "postalCode" | "country" + }[] + } + } | { + name: string + /** Format: "Fullname" */ + type: string + label?: string + description?: string + required: boolean + config: { + parts: { + enabled: boolean + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + /** @enum {string} */ + name: "givenName" | "middleName" | "familyName" + }[] + } + } + } + } + responses: { + /** @description Created */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label: string + description: string | null + required: boolean + config: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + parts?: { + enabled: boolean + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + }[] + } + createdAt: number + sieOrder: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetCustomProfileFieldByName: { + parameters: { + query?: never + header?: never + path: { + name: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Custom profile field found successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label: string + description: string | null + required: boolean + config: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + parts?: { + enabled: boolean + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + }[] + } + createdAt: number + sieOrder: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateCustomProfileFieldByName: { + parameters: { + query?: never + header?: never + path: { + name: string + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: "Text" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + } + } | { + /** Format: "Number" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minValue?: number + maxValue?: number + } + } | { + /** Format: "Date" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + format: string + customFormat?: string + } + } | { + /** Format: "Checkbox" */ + type: string + label?: string + /** Format: false */ + required: boolean + config?: { + defaultValue: string + } + } | { + /** Format: "Select" */ + type: string + label?: string + description?: string + required: boolean + config: { + placeholder?: string + options: { + label?: string + value: string + }[] + } + } | { + /** Format: "Url" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + } + } | { + /** Format: "Regex" */ + type: string + label?: string + description?: string + required: boolean + config: { + placeholder?: string + format: string + } + } | { + /** Format: "Address" */ + type: string + label?: string + description?: string + required: boolean + config: { + parts: { + enabled: boolean + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + /** @enum {string} */ + name: "formatted" | "streetAddress" | "locality" | "region" | "postalCode" | "country" + }[] + } + } | { + /** Format: "Fullname" */ + type: string + label?: string + description?: string + required: boolean + config: { + parts: { + enabled: boolean + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + /** @enum {string} */ + name: "givenName" | "middleName" | "familyName" + }[] + } + } + } + } + responses: { + /** @description Custom profile field updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label: string + description: string | null + required: boolean + config: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + parts?: { + enabled: boolean + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + }[] + } + createdAt: number + sieOrder: number + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteCustomProfileFieldByName: { + parameters: { + query?: never + header?: never + path: { + name: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Custom profile field deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateCustomProfileFieldsBatch: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": ({ + name: string + /** Format: "Text" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + } + } | { + name: string + /** Format: "Number" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minValue?: number + maxValue?: number + } + } | { + name: string + /** Format: "Date" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + format: string + customFormat?: string + } + } | { + name: string + /** Format: "Checkbox" */ + type: string + label?: string + /** Format: false */ + required: boolean + config?: { + defaultValue: string + } + } | { + name: string + /** Format: "Select" */ + type: string + label?: string + description?: string + required: boolean + config: { + placeholder?: string + options: { + label?: string + value: string + }[] + } + } | { + name: string + /** Format: "Url" */ + type: string + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + } + } | { + name: string + /** Format: "Regex" */ + type: string + label?: string + description?: string + required: boolean + config: { + placeholder?: string + format: string + } + } | { + name: string + /** Format: "Address" */ + type: string + label?: string + description?: string + required: boolean + config: { + parts: { + enabled: boolean + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + /** @enum {string} */ + name: "formatted" | "streetAddress" | "locality" | "region" | "postalCode" | "country" + }[] + } + } | { + name: string + /** Format: "Fullname" */ + type: string + label?: string + description?: string + required: boolean + config: { + parts: { + enabled: boolean + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + /** @enum {string} */ + name: "givenName" | "middleName" | "familyName" + }[] + } + })[] + } + } + responses: { + /** @description Custom profile fields created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label: string + description: string | null + required: boolean + config: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + parts?: { + enabled: boolean + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + }[] + } + createdAt: number + sieOrder: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateCustomProfileFieldsSieOrder: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + order: { + name: string + sieOrder: number + }[] + } + } + } + responses: { + /** @description Custom profile fields updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label: string + description: string | null + required: boolean + config: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + parts?: { + enabled: boolean + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + }[] + } + createdAt: number + sieOrder: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteSecret: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the secret. */ + id: components["parameters"]["secretId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The secret was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The secret with the specified ID was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSignInExperienceConfig: { + parameters: { + query?: { + organizationId?: string + appId?: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The full sign-in experience configuration. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + color: { + /** Format: regex */ + primaryColor: string + isDarkModeEnabled: boolean + /** Format: regex */ + darkPrimaryColor: string + } + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + languageInfo: { + autoDetect: boolean + /** @enum {string} */ + fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR" + } + termsOfUseUrl: string | null + privacyPolicyUrl: string | null + /** @enum {string} */ + agreeToTermsPolicy: "Automatic" | "ManualRegistrationOnly" | "Manual" + signIn: { + methods: { + /** @enum {string} */ + identifier: "username" | "email" | "phone" + password: boolean + verificationCode: boolean + isPasswordPrimary: boolean + }[] + } + signUp: { + identifiers: ("username" | "email" | "phone")[] + password: boolean + verify: boolean + secondaryIdentifiers?: { + identifier: ("username" | "email" | "phone") | "emailOrPhone" + verify?: boolean + }[] + } + socialSignIn: { + automaticAccountLinking?: boolean + } + socialSignInConnectorTargets: string[] + /** @enum {string} */ + signInMode: "SignIn" | "Register" | "SignInAndRegister" + customCss: string | null + customContent: { + [key: string]: string + } + customUiAssets: { + id: string + createdAt: number + } | null + passwordPolicy: { + /** @default {} */ + length: { + /** @default 8 */ + min: number + /** @default 256 */ + max: number + } + /** @default {} */ + characterTypes: { + /** @default 1 */ + min: number + } + /** @default {} */ + rejects: { + /** @default true */ + pwned: boolean + /** @default true */ + repetitionAndSequence: boolean + /** @default true */ + userInfo: boolean + /** @default [] */ + words: string[] + } + } + mfa: { + factors: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + /** @enum {string} */ + policy: "UserControlled" | "Mandatory" | "PromptOnlyAtSignIn" | "PromptAtSignInAndSignUp" | "NoPrompt" + /** @enum {string} */ + organizationRequiredMfaPolicy?: "NoPrompt" | "Mandatory" + } + singleSignOnEnabled: boolean + supportEmail: string | null + supportWebsiteUrl: string | null + unknownSessionRedirectUrl: string | null + captchaPolicy: { + enabled?: boolean + } + sentinelPolicy: { + maxAttempts?: number + lockoutDuration?: number + } + emailBlocklistPolicy: { + blockDisposableAddresses?: boolean + blockSubaddressing?: boolean + customBlocklist?: string[] + } + socialConnectors: { + id: string + target: string + /** @description Validator function */ + name: Record + logo: string + logoDark: string | null + fromEmail?: string + /** @enum {string|null} */ + platform: "Native" | "Universal" | "Web" | null + isStandard?: boolean + isTokenStorageSupported?: boolean + }[] + ssoConnectors: { + id: string + connectorName: string + logo: string + darkLogo?: string + }[] + forgotPassword: { + phone: boolean + email: boolean + } + isDevelopmentTenant: boolean + googleOneTap?: { + isEnabled?: boolean + autoSelect?: boolean + closeOnTapOutside?: boolean + itpSupport?: boolean + clientId: string + connectorId: string + } + captchaConfig?: { + /** @enum {string} */ + type: "RecaptchaEnterprise" | "Turnstile" + siteKey: string + } + customProfileFields: { + tenantId: string + id: string + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label: string + description: string | null + required: boolean + config: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + parts?: { + enabled: boolean + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + }[] + } + createdAt: number + sieOrder: number + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSignInExperiencePhrases: { + parameters: { + query?: { + /** @description The language tag for localization. */ + lng?: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Localized phrases for the specified language. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + [key: string]: string | { + [key: string]: unknown + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetWellKnownExperience: { + parameters: { + query?: { + organizationId?: string + appId?: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The full sign-in experience configuration. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + tenantId: string + id: string + color: { + /** Format: regex */ + primaryColor: string + isDarkModeEnabled: boolean + /** Format: regex */ + darkPrimaryColor: string + } + branding: { + /** Format: url */ + logoUrl?: string + /** Format: url */ + darkLogoUrl?: string + /** Format: url */ + favicon?: string + /** Format: url */ + darkFavicon?: string + } + languageInfo: { + autoDetect: boolean + /** @enum {string} */ + fallbackLanguage: "af-ZA" | "am-ET" | "ar" | "ar-AR" | "as-IN" | "az-AZ" | "be-BY" | "bg-BG" | "bn-IN" | "br-FR" | "bs-BA" | "ca-ES" | "cb-IQ" | "co-FR" | "cs-CZ" | "cx-PH" | "cy-GB" | "da-DK" | "de" | "de-DE" | "el-GR" | "en" | "en-GB" | "en-US" | "eo-EO" | "es" | "es-ES" | "es-419" | "et-EE" | "eu-ES" | "fa-IR" | "ff-NG" | "fi" | "fi-FI" | "fo-FO" | "fr" | "fr-CA" | "fr-FR" | "fy-NL" | "ga-IE" | "gl-ES" | "gn-PY" | "gu-IN" | "ha-NG" | "he-IL" | "hi-IN" | "hr-HR" | "ht-HT" | "hu-HU" | "hy-AM" | "id-ID" | "ik-US" | "is-IS" | "it" | "it-IT" | "iu-CA" | "ja" | "ja-JP" | "ja-KS" | "jv-ID" | "ka-GE" | "kk-KZ" | "km-KH" | "kn-IN" | "ko" | "ko-KR" | "ku-TR" | "ky-KG" | "lo-LA" | "lt-LT" | "lv-LV" | "mg-MG" | "mk-MK" | "ml-IN" | "mn-MN" | "mr-IN" | "ms-MY" | "mt-MT" | "my-MM" | "nb-NO" | "ne-NP" | "nl" | "nl-BE" | "nl-NL" | "nn-NO" | "or-IN" | "pa-IN" | "pl-PL" | "ps-AF" | "pt" | "pt-BR" | "pt-PT" | "ro-RO" | "ru" | "ru-RU" | "rw-RW" | "sc-IT" | "si-LK" | "sk-SK" | "sl-SI" | "sn-ZW" | "sq-AL" | "sr-RS" | "sv" | "sv-SE" | "sw-KE" | "sy-SY" | "sz-PL" | "ta-IN" | "te-IN" | "tg-TJ" | "th" | "th-TH" | "tl-PH" | "tr" | "tr-TR" | "tt-RU" | "tz-MA" | "uk-UA" | "ur-PK" | "uz-UZ" | "vi-VN" | "zh" | "zh-CN" | "zh-HK" | "zh-MO" | "zh-TW" | "zz-TR" + } + termsOfUseUrl: string | null + privacyPolicyUrl: string | null + /** @enum {string} */ + agreeToTermsPolicy: "Automatic" | "ManualRegistrationOnly" | "Manual" + signIn: { + methods: { + /** @enum {string} */ + identifier: "username" | "email" | "phone" + password: boolean + verificationCode: boolean + isPasswordPrimary: boolean + }[] + } + signUp: { + identifiers: ("username" | "email" | "phone")[] + password: boolean + verify: boolean + secondaryIdentifiers?: { + identifier: ("username" | "email" | "phone") | "emailOrPhone" + verify?: boolean + }[] + } + socialSignIn: { + automaticAccountLinking?: boolean + } + socialSignInConnectorTargets: string[] + /** @enum {string} */ + signInMode: "SignIn" | "Register" | "SignInAndRegister" + customCss: string | null + customContent: { + [key: string]: string + } + customUiAssets: { + id: string + createdAt: number + } | null + passwordPolicy: { + /** @default {} */ + length: { + /** @default 8 */ + min: number + /** @default 256 */ + max: number + } + /** @default {} */ + characterTypes: { + /** @default 1 */ + min: number + } + /** @default {} */ + rejects: { + /** @default true */ + pwned: boolean + /** @default true */ + repetitionAndSequence: boolean + /** @default true */ + userInfo: boolean + /** @default [] */ + words: string[] + } + } + mfa: { + factors: ("Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode")[] + /** @enum {string} */ + policy: "UserControlled" | "Mandatory" | "PromptOnlyAtSignIn" | "PromptAtSignInAndSignUp" | "NoPrompt" + /** @enum {string} */ + organizationRequiredMfaPolicy?: "NoPrompt" | "Mandatory" + } + singleSignOnEnabled: boolean + supportEmail: string | null + supportWebsiteUrl: string | null + unknownSessionRedirectUrl: string | null + captchaPolicy: { + enabled?: boolean + } + sentinelPolicy: { + maxAttempts?: number + lockoutDuration?: number + } + emailBlocklistPolicy: { + blockDisposableAddresses?: boolean + blockSubaddressing?: boolean + customBlocklist?: string[] + } + socialConnectors: { + id: string + target: string + /** @description Validator function */ + name: Record + logo: string + logoDark: string | null + fromEmail?: string + /** @enum {string|null} */ + platform: "Native" | "Universal" | "Web" | null + isStandard?: boolean + isTokenStorageSupported?: boolean + }[] + ssoConnectors: { + id: string + connectorName: string + logo: string + darkLogo?: string + }[] + forgotPassword: { + phone: boolean + email: boolean + } + isDevelopmentTenant: boolean + googleOneTap?: { + isEnabled?: boolean + autoSelect?: boolean + closeOnTapOutside?: boolean + itpSupport?: boolean + clientId: string + connectorId: string + } + captchaConfig?: { + /** @enum {string} */ + type: "RecaptchaEnterprise" | "Turnstile" + siteKey: string + } + customProfileFields: { + tenantId: string + id: string + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label: string + description: string | null + required: boolean + config: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + parts?: { + enabled: boolean + name: string + /** @enum {string} */ + type: "Text" | "Number" | "Date" | "Checkbox" | "Select" | "Url" | "Regex" | "Address" | "Fullname" + label?: string + description?: string + required: boolean + config?: { + placeholder?: string + minLength?: number + maxLength?: number + minValue?: number + maxValue?: number + format?: string + customFormat?: string + options?: { + label?: string + value: string + }[] + defaultValue?: string + } + }[] + } + createdAt: number + sieOrder: number + }[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetStatus: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The Logto core service is healthy. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetHasuraAuth: { + parameters: { + query: { + resource: string + unauthorizedRole?: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The authenticated user claims in Hasura format. See [Hasura docs](https://hasura.io/docs/latest/auth/authentication/webhook/#webhook-response) for more information. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + "X-Hasura-User-Id"?: string + "X-Hasura-Role"?: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AssertSaml: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": Record + } + } + responses: { + /** @description Redirect to the endpoint to complete the authentication flow. */ + 302: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AssertSingleSignOnSaml: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description SAML standard parameter that will be transmitted between the identity provider and the service provider. It will be used as the session ID (jti) of the user's Logto authentication session. This API will use this session ID to retrieve the SSO connector authentication session from the database. */ + RelayState?: string + /** @description The SAML assertion response from the identity provider (IdP). */ + SAMLResponse: string + } + } + } + responses: { + /** @description Redirect to the endpoint to complete the authentication flow. */ + 302: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid SAML assertion response. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid SSO connector ID or SSO connector authentication session not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ListSamlApplicationMetadata: { + parameters: { + query?: never + header?: never + path: { + /** @description The ID of the SAML application. */ + id: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The SAML metadata XML. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": string + "text/xml": string + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSamlApplicationCallback: { + parameters: { + query?: { + /** @description The authorization code from OIDC callback. */ + code?: string + /** @description The state parameter from OIDC callback. */ + state?: string + /** @description The redirect URI for the callback. */ + redirectUri?: string + error?: string + error_description?: string + } + header?: never + path: { + /** @description The ID of the SAML application. */ + id: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description Returns an HTML form that automatically submits the SAML response. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Invalid request or OIDC error. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSamlAuthn: { + parameters: { + query: { + /** @description The SAML request message. */ + SAMLRequest: string + /** @description The signature of the request. */ + Signature?: string + /** @description The signature algorithm. */ + SigAlg?: string + /** @description The relay state parameter. */ + RelayState?: string + } + header?: never + path: { + /** @description The ID of the SAML application. */ + id: components["parameters"]["samlId-root"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Redirects to the sign-in page. */ + 302: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid SAML request. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateSamlAuthn: { + parameters: { + query?: never + header?: never + path: { + /** @description The ID of the SAML application. */ + id: components["parameters"]["samlId-root"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + SAMLRequest: string + RelayState?: string + } + "application/x-www-form-urlencoded": { + /** @description Base64-encoded SAML request message. */ + SAMLRequest: string + /** @description Optional state parameter to be returned in the response. */ + RelayState?: string + } + } + } + responses: { + /** @description OK */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Redirects to the sign-in page. */ + 302: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid SAML request. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SAML application was not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetWellKnownManagementOpenapiJson: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The JSON document. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + } + } + GetWellKnownExperienceOpenapiJson: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The JSON document. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + } + } + GetWellKnownUserOpenapiJson: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The JSON document. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + } + } + GetSwaggerJson: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The JSON document. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + } + } + InitInteraction: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @enum {string} */ + interactionEvent: "SignIn" | "Register" | "ForgotPassword" + captchaToken?: string + } + } + } + responses: { + /** @description A new experience interaction has been successfully initiated. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateInteractionEvent: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * @description The type of the interaction event. Only `SignIn` and `Register` are supported. + * @enum {string} + */ + interactionEvent: "SignIn" | "Register" | "ForgotPassword" + } + } + } + responses: { + /** @description The interaction event has been successfully updated. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The interaction event is invalid or cannot be updated. Only `SignIn` and `Register` are interchangeable. If the current interaction event is `ForgotPassword`, it cannot be updated. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The given interaction event is not enabled in the sign-in experience settings. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + IdentifyUser: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The ID of the verification record used to identify the user.
- For `SignIn` and `ForgotPassword` interactions: Required to verify the user's identity.
- For `Register` interaction: Optional. If provided, new profile(s) will be attached to the registration session using the information from the verification record and trigger the account creation attempt. If not provided, the user account creation attempt will be triggered using the existing profile data in the interaction. */ + verificationId?: string + /** @description Applies only to the SignIn interaction and is used when a SocialVerification type verification ID is provided.
- If `true`, the user is identified using the verified email or phone number from the social identity provider, and the social identity is linked to the user's account.
- If `false` or not provided, the API identifies the user solely through the social identity.
This parameter is used to link a non-existing social identity to a related user account identified by the verified email or phone number. */ + linkSocialIdentity?: boolean + } + } + } + responses: { + /** @description `Register` interaction: The user account has been successfully created and identified. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description `SignIn` and `ForgotPassword` interactions: The user has been successfully identified. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The provided verificationId is invalid, not verified, or cannot be used to identify the user.
- `session.verification_failed:` The verification is not verified or can not be used to identify the user.
- `guard.invalid_target:` The `verificationId` is missing, but required for the `SignIn` and `ForgotPassword` interactions. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is suspended or banned from the service. (SignIn and ForgotPassword only) */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The `SignIn` or `Register` interaction is disabled in the experience settings. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Entity not found.
- `session.verification_session_not_found:` The verification record is not found.
- `user.user_not_exist:` The user account is not found (SignIn and ForgotPassword only). */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The interaction has already been identified with a different user account. */ + 409: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user account cannot be created due to validation errors, check error message for more details (Register only).
- `user._already_in_use:` The given identifier is already in use by another user account.
- `user.missing_profile:` Sign-in experience required user identifier or profile data is missing. (Register only) */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + SubmitInteraction: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The interaction has been successfully submitted. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + redirectTo: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Multi-Factor Authentication (MFA) is enabled for the user but has not been verified. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user has not been identified. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user profile can not been processed, check error message for more details.
- The profile data is invalid or conflicts with existing user data.
- Required profile data is missing.
- The profile data is already in use by another user account. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetInteraction: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The public interaction data has been successfully retrieved. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @enum {string} */ + interactionEvent: "SignIn" | "Register" | "ForgotPassword" + userId?: string + profile: { + avatar?: string | null + name?: string | null + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + /** @description arbitrary */ + customData?: Record + socialIdentity?: { + target: string + userInfo: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + } + enterpriseSsoIdentity?: { + identityId: string + ssoConnectorId: string + issuer: string + /** @description arbitrary */ + detail: Record + } + syncedEnterpriseSsoIdentity?: { + identityId: string + issuer: string + /** @description arbitrary */ + detail: Record + } + jitOrganizationIds?: string[] + } + verificationRecords?: ({ + id: string + /** Format: "Password" */ + type: string + identifier: { + type: ("username" | "email" | "phone") | "userId" + value: string + } + verified: boolean + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "EmailVerificationCode" */ + type: string + identifier: { + /** Format: "email" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "PhoneVerificationCode" */ + type: string + identifier: { + /** Format: "phone" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "MfaEmailVerificationCode" */ + type: string + identifier: { + /** Format: "email" */ + type: string + value: string + } + } | { + id: string + /** @enum {string} */ + templateType: "SignIn" | "Register" | "ForgotPassword" | "OrganizationInvitation" | "Generic" | "UserPermissionValidation" | "BindNewIdentifier" | "MfaVerification" + verified: boolean + /** Format: "MfaPhoneVerificationCode" */ + type: string + identifier: { + /** Format: "phone" */ + type: string + value: string + } + } | { + id: string + connectorId: string + /** Format: "Social" */ + type: string + socialUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + } | { + id: string + connectorId: string + /** Format: "EnterpriseSso" */ + type: string + enterpriseSsoUserInfo?: { + id: string + email?: string + phone?: string + name?: string + avatar?: string + rawData?: (Record | (string | number | boolean | unknown | Record)[] | string | number | boolean) | null + } + issuer?: string + } | { + id: string + /** Format: "Totp" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "BackupCode" */ + type: string + userId: string + code?: string + } | { + id: string + /** Format: "WebAuthn" */ + type: string + userId: string + verified: boolean + } | { + id: string + /** Format: "NewPasswordIdentity" */ + type: string + identifier: { + /** @enum {string} */ + type: "username" | "email" | "phone" + value: string + } + } | { + id: string + /** Format: "OneTimeToken" */ + type: string + verified: boolean + identifier: { + /** Format: "email" */ + type: string + value: string + } + oneTimeTokenContext?: { + jitOrganizationIds?: string[] + } + })[] + mfa?: { + mfaSkipped?: boolean + totp?: { + /** Format: "Totp" */ + type: string + } + webAuthn?: { + /** Format: "WebAuthn" */ + type: string + credentialId: string + publicKey: string + transports: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + counter: number + agent: string + name?: string + }[] + backupCode?: { + /** Format: "BackupCode" */ + type: string + } + } + captcha?: { + verified: boolean + skipped: boolean + } + } + } + } + } + } + CreatePasswordVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The unique identifier of the user that will be used to identify the user along with the provided password. */ + identifier: { + /** @enum {string} */ + type: "username" | "email" | "phone" + value: string + } + /** @description The user password. */ + password: string + } + } + } + responses: { + /** @description The Password verification record has been successfully created and verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID of the newly created Password verification record. The `verificationId` is required when verifying the user's identity via the `Identification` API. */ + verificationId: string + } + } + } + /** @description The verification attempts have exceeded the maximum limit. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user is suspended or banned from the service. */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description `session.invalid_credentials:` Either the user is not found or the provided password is incorrect. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateAndSendVerificationCode: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The identifier (email address or phone number) to send the verification code to. */ + identifier: { + /** @enum {string} */ + type: "email" | "phone" + value: string + } + /** + * @description The interaction event for which the verification code will be used. Supported values are `SignIn`, `Register`, and `ForgotPassword`. This determines the template for the verification code. + * @enum {string} + */ + interactionEvent: "SignIn" | "Register" | "ForgotPassword" + } + } + } + responses: { + /** @description The verification code has been successfully sent. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique ID of the verification record. Required to verify the code. */ + verificationId: string + } + } + } + /** @description An invalid identifier was provided. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector for sending the verification code is not configured. */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyVerificationCodeVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The identifier (email address or phone number) to verify the code against. Must match the identifier used to send the verification code. */ + identifier: { + /** @enum {string} */ + type: "email" | "phone" + value: string + } + /** @description The verification ID of the CodeVerification record. */ + verificationId: string + /** @description The verification code to be verified. */ + code: string + } + } + } + responses: { + /** @description The verification code was successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique ID of the verification record. Required for user identification via the `Identification` API or to bind the identifier to the user's account via the `Profile` API. */ + verificationId: string + } + } + } + /** @description The verification code is invalid or the maximum number of attempts has been exceeded. Check the error message for details. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Verification record not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector for sending the verification code is not configured. */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateAndSendMfaVerificationCode: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * @description The type of identifier to use for MFA verification. Must be either 'Email' or 'Phone'. The endpoint will automatically use the user's bound identifier of this type. + * @enum {string} + */ + identifierType: "email" | "phone" | "Email" | "Phone" + } + } + } + responses: { + /** @description The MFA verification code has been successfully sent to the user's bound identifier. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique ID of the verification record. Required to verify the code. */ + verificationId: string + } + } + } + /** @description Bad request. The user is not identified or does not have the specified identifier type bound for MFA. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description User not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector for the specified identifier type is not configured. */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyMfaVerificationCode: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The verification ID returned from the MFA verification code send endpoint. */ + verificationId: string + /** @description The verification code received by the user. */ + code: string + /** + * @description The type of identifier used for MFA verification. Must match the type used when sending the verification code. + * @enum {string} + */ + identifierType: "email" | "phone" | "Email" | "Phone" + } + } + } + responses: { + /** @description The MFA verification code was successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique ID of the verification record. This can be used for subsequent MFA operations. */ + verificationId: string + } + } + } + /** @description Bad request. The verification code is invalid, expired, or the user is not identified. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Verification record not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector for the verification method is not configured. */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateSocialVerification: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The state parameter to pass to the social connector. */ + state: string + /** @description The URI to redirect the user after the social authorization is completed. */ + redirectUri: string + } + } + } + responses: { + /** @description The social authorization URI has been successfully generated. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The social authorization URI. */ + authorizationUri: string + /** @description The unique verification ID of the newly created SocialVerification record. The `verificationId` is required when verifying the social authorization response. */ + verificationId: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The social connector is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector error. Failed to generate the social authorization URI. */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifySocialVerification: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description Arbitrary data returned by the social provider to complete the verification process. */ + connectorData: Record + /** @description The ID of the social verification record. Optional for Google one tap login, as it does not have a pre-created social verification record in session. */ + verificationId?: string + } + } + } + responses: { + /** @description The social authorization response has been successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID of the SocialVerification record. This ID is required when identifying the user in the current interaction. */ + verificationId: string + } + } + } + /** @description The social authorization response is invalid or cannot be verified. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The social connector is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector error. Failed to verify the social authorization response or fetch the user info from the social provider. */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateEnterpriseSsoVerification: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The state parameter to pass to the SSO connector. */ + state: string + /** @description The URI to redirect the user after the SSO authorization is completed. */ + redirectUri: string + } + } + } + responses: { + /** @description The SSO authorization URI has been successfully generated. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The SSO authorization URI. */ + authorizationUri: string + /** @description The unique verification ID of the newly created EnterpriseSSO verification record. The `verificationId` is required when verifying the SSO authorization response. */ + verificationId: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SSO connector is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector error. Failed to generate the SSO authorization URI. */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyEnterpriseSsoVerification: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description Arbitrary data returned by the SSO provider to complete the verification process. */ + connectorData: Record + /** @description The ID of the EnterpriseSSO verification record. */ + verificationId: string + } + } + } + responses: { + /** @description The SSO authorization response has been successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The current verified EnterpriseSSO verification record ID. This ID is required when identifying the user in the current interaction. */ + verificationId: string + } + } + } + /** @description The SSO authorization response is invalid or cannot be verified. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The verification record or the SSO connector is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Connector error. Failed to verify the SSO authorization response or fetch the user info from the SSO provider. */ + 500: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateTotpSecret: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description TOTP secret successfully generated. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID for the TOTP record. This ID is required to verify the TOTP code. */ + verificationId: string + /** @description The newly generated TOTP secret. */ + secret: string + /** @description A QR code image data URL for the TOTP secret. The user can scan this QR code with their TOTP authenticator app. */ + secretQrCode: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Entity not found.
- `session.identifier_not_found:` The current interaction is not identified yet. All MFA verification records must be associated with a identified user. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyTotpVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The TOTP code to be verified. */ + code: string + /** @description The verification ID of the newly created TOTP secret. This ID is required to verify a newly created TOTP secret that needs to be bound to the user account. If not provided, the API will create a new TOTP verification record and verify the code against the user's existing TOTP secret. */ + verificationId?: string + } + } + } + responses: { + /** @description The TOTP code has been successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID of the TOTP verification record. For newly created TOTP secret verification record, this ID is required to bind the TOTP secret to the user account through `Profile` API. */ + verificationId: string + } + } + } + /** @description Invalid TOTP code. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Verification record not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateWebAuthnRegistrationVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description WebAuthn registration successfully created. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID for the WebAuthn registration record. This ID is required to verify the WebAuthn registration challenge. */ + verificationId: string + /** @description The WebAuthn registration options that the user needs to create a new WebAuthn credential. */ + registrationOptions: { + rp: { + name: string + id?: string + } + user: { + id: string + name: string + displayName: string + } + challenge: string + pubKeyCredParams: { + /** Format: "public-key" */ + type: string + alg: number + }[] + timeout?: number + excludeCredentials?: { + /** Format: "public-key" */ + type: string + id: string + transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + }[] + authenticatorSelection?: { + /** @enum {string} */ + authenticatorAttachment?: "platform" | "cross-platform" + requireResidentKey?: boolean + /** @enum {string} */ + residentKey?: "discouraged" | "preferred" | "required" + /** @enum {string} */ + userVerification?: "required" | "preferred" | "discouraged" + } + /** @enum {string} */ + attestation?: "none" | "indirect" | "direct" | "enterprise" + extensions?: { + appid?: string + credProps?: boolean + hmacCreateSecret?: boolean + } + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Entity not found.
- `session.identifier_not_found:` The current interaction is not identified yet. All MFA verification records must be associated with a identified user. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyWebAuthnRegistrationVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The verification ID of the WebAuthn registration record. */ + verificationId: string + /** @description The WebAuthn attestation response from the user's WebAuthn credential. */ + payload: { + /** Format: "WebAuthn" */ + type: string + id: string + rawId: string + response: { + clientDataJSON: string + attestationObject: string + authenticatorData?: string + transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + publicKeyAlgorithm?: number + publicKey?: string + } + /** @enum {string} */ + authenticatorAttachment?: "cross-platform" | "platform" + clientExtensionResults: { + appid?: boolean + crepProps?: { + rk?: boolean + } + hmacCreateSecret?: boolean + } + } + } + } + } + responses: { + /** @description The WebAuthn registration has been successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID of the WebAuthn registration record. This `verificationId` is required to bind the WebAuthn credential to the user account via the `Profile` API. */ + verificationId: string + } + } + } + /** @description Invalid request.
- `session.mfa.pending_info_not_found:` The WebAuthn registration challenge is missing from the current verification record.
- `session.mfa.webauthn_verification_failed:` The WebAuthn attestation response is invalid or cannot be verified. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Verification record not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateWebAuthnAuthenticationVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description WebAuthn authentication successfully initiated. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique ID for the WebAuthn authentication record, required to verify the WebAuthn authentication challenge. */ + verificationId: string + /** @description Options for the user to authenticate with their WebAuthn credential. */ + authenticationOptions: { + challenge: string + timeout?: number + rpId?: string + allowCredentials?: { + /** Format: "public-key" */ + type: string + id: string + transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + }[] + /** @enum {string} */ + userVerification?: "required" | "preferred" | "discouraged" + extensions?: { + appid?: string + credProps?: boolean + hmacCreateSecret?: boolean + } + } + } + } + } + /** @description The user does not have a verified WebAuthn credential. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The current interaction is not yet identified. All MFA verification records must be associated with an identified user. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyWebAuthnAuthenticationVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The verification ID of the WebAuthn authentication verification record. */ + verificationId: string + /** @description The WebAuthn assertion response from the user's WebAuthn credential. */ + payload: { + /** Format: "WebAuthn" */ + type: string + id: string + rawId: string + /** @enum {string} */ + authenticatorAttachment?: "cross-platform" | "platform" + clientExtensionResults: { + appid?: boolean + crepProps?: { + rk?: boolean + } + hmacCreateSecret?: boolean + } + response: { + clientDataJSON: string + authenticatorData: string + signature: string + userHandle?: string + } + } + } + } + } + responses: { + /** @description The WebAuthn authentication has been successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID of the WebAuthn authentication verification record. */ + verificationId: string + } + } + } + /** @description Invalid request.
- `session.mfa.pending_info_not_found:` The WebAuthn authentication challenge is missing in the current verification record.
- `session.mfa.webauthn_verification_failed:` The WebAuthn assertion response is invalid or cannot be verified. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Verification record not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GenerateBackupCodes: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Backup codes have been successfully generated. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID of the newly created BackupCode verification record. This ID is required when adding the backup codes to the user profile via the Profile API. */ + verificationId: string + /** @description The generated backup codes. */ + codes: string[] + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The current interaction is not identified yet. All MFA verification records must be associated with a identified user. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyBackupCode: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The backup code to verify. */ + code: string + } + } + } + responses: { + /** @description The backup code has been successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID of the BackupCode verification record. */ + verificationId: string + } + } + } + /** @description The provided backup code is invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Entity not found.
- `session.identifier_not_found:` The current interaction is not identified yet. All MFA verification records must be associated with a identified user. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateNewPasswordIdentityVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The unique user identifier.
Currently, only `username` is accepted. For `email` or `phone` registration, a `CodeVerification` record must be created and used to verify the user's email or phone number identifier. */ + identifier: { + /** Format: "username" */ + type: string + /** Format: regex */ + value: string + } + /** @description The new user password. (A password digest will be created and stored securely in the verification record.) */ + password: string + } + } + } + responses: { + /** @description The NewPasswordIdentity verification record has been successfully created. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique verification ID of the newly created NewPasswordIdentity verification record. The `verificationId` is required when creating a new user account via the `Identification` API. */ + verificationId: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unable to process the request.
- `user.username_already_in_use:` The provided username is already in use.
- `password.rejected:` The provided password is rejected by the password policy. Detailed password violation information is included in the response. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyOneTimeTokenVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The unique user identifier.
Currently, only `email` is accepted. */ + identifier: { + /** Format: "email" */ + type: string + /** Format: regex */ + value: string + } + /** @description The one-time token to be verified. */ + token: string + } + } + } + responses: { + /** @description The one-time token was successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The unique ID of the verification record. Required for user identification via the `Identification` API or to bind the identifier to the user's account via the `Profile` API. */ + verificationId: string + } + } + } + /** @description The one-time token is invalid or the maximum number of attempts has been exceeded. Check the error message for details. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Verification record not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AddUserProfile: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The type of profile data to add. Available options: `email`, `phone`, `username`, `password`, `social`, or `extraProfile`. */ + type?: unknown + /** @description The plain text value of the profile data. Only supported for profile data types that does not require verification, such as `username` and `password`. */ + value?: unknown + /** @description The extra profile data to add. Only supported for `extraProfile` type. The data will be validated and split into standard user profile attributes and custom user profile attributes. The standard user profile attributes will be set to the user profile, whereas the custom user profile attributes will be set to the user custom data. */ + values?: unknown + /** @description The ID of the verification record used to verify the profile data. Required for profile data types that require verification, such as `email`, `phone` and `social`. */ + verificationId?: unknown + } & ({ + /** Format: "username" */ + type: string + /** Format: regex */ + value: string + } | { + /** Format: "password" */ + type: string + value: string + } | { + /** Format: "email" */ + type: string + verificationId: string + } | { + /** Format: "phone" */ + type: string + verificationId: string + } | { + /** Format: "social" */ + type: string + verificationId: string + } | { + /** Format: "extraProfile" */ + type: string + values: { + [key: string]: unknown + } + }) + } + } + responses: { + /** @description The profile data has been successfully added to the current experience interaction. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid request.
- `session.not_supported_for_forgot_password:` This API can not be used in the `ForgotPassword` interaction.
- `session.verification_failed:` The verification record is not verified. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description `SignIn` interaction only: MFA is enabled for the user but has not been verified. The user must verify the MFA before updating the profile data. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Entity not found.
- `session.identifier_not_found:` (`SignIn` interaction only) The current interaction is not identified yet. All profile data must be associated with a identified user.
- `session.verification_session_not_found:` The verification record is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user profile can not been processed, check error message for more details.
- The profile data is invalid or conflicts with existing user data.
- The profile data is already in use by another user account.
- The email address is enterprise SSO enabled, can only be linked through the SSO connector. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + ResetUserPassword: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The new password to update. The password must meet the password policy requirements and can not be the same as the current password. */ + password: string + } + } + } + responses: { + /** @description The password has been successfully updated. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The current interaction event is not `ForgotPassword`. The password can only be updated through the `ForgotPassword` interaction. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user has not been identified yet. The user must be identified before updating the password. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The password can not be updated due to validation errors, check error message for more details.
- `user.password_policy_violation:` The password does not meet the password policy requirements.
- `user.same_password:` The new password is the same as the current password. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + SkipMfaBindingFlow: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The MFA verification has been successfully skipped. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not supported for the current interaction event. The MFA profile API can only be used in the `SignIn` or `Register` interaction. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Some MFA factors has already been enabled for the user. The user must verify the MFA before updating the MFA settings. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The user has not been identified yet. The `mfa-skipped` configuration must be associated with a identified user. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The MFA verification binding is `Mandatory`, user can not skip the MFA verification binding flow. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + BindMfaVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * @description The type of MFA. + * @enum {string} + */ + type: "Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode" + /** @description The ID of the MFA verification record. */ + verificationId: string + } + } + } + responses: { + /** @description The MFA verification has been successfully added to the user profile. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Invalid request.
- `session.verification_failed:` The MFA verification record is invalid or not verified.
- `session.mfa.mfa_factor_not_enabled:` The MFA factor is not enabled in the sign-in experience settings.
- `session.mfa.pending_info_not_found:` The MFA verification record does not have the required information to bind the MFA verification. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Entity not found.
- `session.identifier_not_found:` The user has not been identified yet. The MFA verification can only be added to a identified user.
- `session.verification_session_not_found:` The MFA verification record is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The MFA verification can not been processed, check error message for more details.
- `user.totp_already_in_use`: A TOTP MFA secret is already in use in the current user profile.
- `session.mfa.backup_code_can_not_be_alone`: The backup code can not be the only MFA factor in the user profile. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetEnabledSsoConnectors: { + parameters: { + query: { + /** @description The email address to find the enabled SSO connectors. */ + email: string + } + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The enabled SSO connectors have been successfully retrieved. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The list of enabled SSO connectorIds. Returns an empty array if no enabled SSO connectors are found. */ + connectorIds: string[] + } + } + } + /** @description The email address is invalid, can not extract a valid domain from it. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetProfile: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The profile was retrieved successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id?: string + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description arbitrary */ + customData?: Record + identities?: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt?: number | null + createdAt?: number + updatedAt?: number + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId?: string | null + isSuspended?: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateProfile: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The new name for the user. */ + name?: string | null + /** + * Format: url + * @description The new avatar for the user, must be a URL. + */ + avatar?: string | null + /** + * Format: regex + * @description The new username for the user, must be a valid username and unique. + */ + username?: string | null + /** @description The new custom data for the user. This will completely replace the existing customData. Requires CustomData scope. */ + customData?: Record + } + } + } + responses: { + /** @description The profile was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id?: string + username?: string | null + primaryEmail?: string | null + primaryPhone?: string | null + name?: string | null + avatar?: string | null + /** @description arbitrary */ + customData?: Record + identities?: { + [key: string]: { + userId: string + /** @description arbitrary */ + details?: Record + } + } + lastSignInAt?: number | null + createdAt?: number + updatedAt?: number + profile?: { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + applicationId?: string | null + isSuspended?: boolean + hasPassword?: boolean + ssoIdentities?: { + tenantId: string + id: string + userId: string + issuer: string + identityId: string + /** @description arbitrary */ + detail: Record + createdAt: number + updatedAt: number + ssoConnectorId: string + }[] + } + } + } + /** @description The request body is invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The username is already in use. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateOtherProfile: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The new family name for the user. */ + familyName?: string + /** @description The new given name for the user. */ + givenName?: string + /** @description The new middle name for the user. */ + middleName?: string + /** @description The new nickname for the user. */ + nickname?: string + /** @description The new preferred username for the user. */ + preferredUsername?: string + /** @description The new profile for the user. */ + profile?: string + /** @description The new website for the user. */ + website?: string + /** @description The new gender for the user. */ + gender?: string + /** @description The new birthdate for the user. */ + birthdate?: string + /** @description The new zoneinfo for the user. */ + zoneinfo?: string + /** @description The new locale for the user. */ + locale?: string + /** @description The new address for the user. */ + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + } + } + responses: { + /** @description The profile was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + familyName?: string + givenName?: string + middleName?: string + nickname?: string + preferredUsername?: string + profile?: string + website?: string + gender?: string + birthdate?: string + zoneinfo?: string + locale?: string + address?: { + formatted?: string + streetAddress?: string + locality?: string + region?: string + postalCode?: string + country?: string + } + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdatePassword: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The new password for the user. */ + password: string + } + } + } + responses: { + /** @description The password was updated successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Permission denied, the verification record is invalid. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetSocialIdentityAccessToken: { + parameters: { + query?: never + header?: never + path: { + target: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The access token was retrieved successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + access_token: string + scope?: string + token_type?: string + expires_in?: number | string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Permission denied, the access_token is expired and the offline_access scope is not granted or expired. */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The social identity does not exist or the access token is not available. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateSocialIdentityAccessTokenByVerificationId: { + parameters: { + query?: never + header?: never + path: { + target: string + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + verificationRecordId: string + } + } + } + responses: { + /** @description The token storage was updated successfully. The new access token is returned in the response body. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + access_token: string + scope?: string + token_type?: string + expires_in?: number | string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The verification record is invalid; the social identity does not exist; or the access token is not available. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetEnterpriseSsoIdentityAccessToken: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the connector. */ + connectorId: components["parameters"]["connectorId"] + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The access token was retrieved successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + access_token: string + scope?: string + token_type?: string + expires_in?: number | string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Permission denied, the access_token is expired and the offline_access scope is not granted or expired. */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The SSO connector does not exist or the access token is not available. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdatePrimaryEmail: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * Format: regex + * @description The new email for the user. + */ + email: string + /** @description The identifier verification record ID for the new email ownership verification. */ + newIdentifierVerificationRecordId: string + } + } + } + responses: { + /** @description The primary email was updated successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The new verification record is invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Permission denied, the verification record is invalid. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeletePrimaryEmail: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The primary email was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdatePrimaryPhone: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** + * Format: regex + * @description The new phone for the user. + */ + phone: string + /** @description The identifier verification record ID for the new phone ownership verification. */ + newIdentifierVerificationRecordId: string + } + } + } + responses: { + /** @description The primary phone was updated successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The new verification record is invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Permission denied, the verification record is invalid. */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeletePrimaryPhone: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The primary phone was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AddUserIdentities: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The identifier verification record ID for the new social identity ownership verification. */ + newIdentifierVerificationRecordId: string + } + } + } + responses: { + /** @description The identity was added successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteIdentity: { + parameters: { + query?: never + header?: never + path: { + target: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The identity was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The verification record is invalid. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The identity does not exist. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetMfaVerifications: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The MFA verifications were retrieved successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + id: string + createdAt: string + /** @enum {string} */ + type: "Totp" | "WebAuthn" | "BackupCode" | "EmailVerificationCode" | "PhoneVerificationCode" + agent?: string + name?: string + remainCodes?: number + }[] + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + AddMfaVerification: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** Format: "WebAuthn" */ + type: string + newIdentifierVerificationRecordId: string + name?: string + } | { + /** Format: "Totp" */ + type: string + secret: string + } | { + /** Format: "BackupCode" */ + type: string + codes: string[] + } | { + /** + * @description The type of the MFA verification. + * @enum {string} + */ + type: "WebAuthn" + /** @description The identifier verification record ID for the new WebAuthn registration verification. */ + newIdentifierVerificationRecordId: string + /** @description The name of the MFA verification, if not provided, the name will be generated from user agent. */ + name?: string + } | { + /** + * @description The type of the MFA verification, for TOTP, one user can only bind one TOTP factor. + * @enum {string} + */ + type: "TOTP" + /** @description The TOTP secret for the MFA verification. Use the generate endpoint to create a secret, and verify the generated code with the user before binding to make sure the user has setup the secret in their authenticator app. */ + secret: string + } | { + /** + * @description The type of the MFA verification, for backup codes, one user can only bind one set of backup codes and requires at least one other MFA factor. + * @enum {string} + */ + type: "BackupCode" + /** @description Array of backup codes. Use the generate endpoint to create codes. */ + codes: string[] + } + } + } + responses: { + /** @description No Content */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GenerateTotpSecret: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The TOTP secret was generated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GenerateMyAccountBackupCodes: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The backup codes were generated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GetBackupCodes: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description The backup codes were retrieved successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Unauthorized or identity verification required. */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description No backup codes found for the user. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + UpdateMfaVerificationName: { + parameters: { + query?: never + header?: never + path: { + /** @description The unique identifier of the verification. */ + verificationId: components["parameters"]["verificationId"] + } + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The name of the MFA verification. */ + name: string + } + } + } + responses: { + /** @description The MFA verification name was updated successfully. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": unknown + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + DeleteMfaVerification: { + parameters: { + query?: never + header?: never + path: { + /** @description The ID of the MFA verification to delete. */ + verificationId: string + } + cookie?: never + } + requestBody?: never + responses: { + /** @description The MFA verification was deleted successfully. */ + 204: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateVerificationByPassword: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The password of the user. */ + password: string + } + } + } + responses: { + /** @description The verification record was created successfully. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + verificationRecordId: string + expiresAt: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The password is invalid. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateVerificationByVerificationCode: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The identifier (email address or phone number) to send the verification code to. */ + identifier: { + /** @enum {string} */ + type: "email" | "phone" + value: string + } + } + } + } + responses: { + /** @description The verification code has been successfully sent. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + verificationRecordId: string + expiresAt: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector for sending the verification code is not configured. */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyVerificationByVerificationCode: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The identifier (email address or phone number) to verify the code against. Must match the identifier used to send the verification code. */ + identifier: { + /** @enum {string} */ + type: "email" | "phone" + value: string + } + /** @description The verification ID of the CodeVerification record. */ + verificationId: string + /** @description The verification code to be verified. */ + code: string + } + } + } + responses: { + /** @description The verification code has been successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + verificationRecordId: string + } + } + } + /** @description The verification code is invalid or the maximum number of attempts has been exceeded. Check the error message for details. */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector for sending the verification code is not configured. */ + 501: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + CreateVerificationBySocial: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description A random string generated on the client side to prevent CSRF (Cross-Site Request Forgery) attacks. */ + state: string + /** @description The URI to navigate back to after the user is authenticated by the connected social identity provider and has granted access to the connector. */ + redirectUri: string + /** @description The custom scopes of the social verification. It can be used to request specific permissions from the social identity provider. If provided, it will override the scope configured in the connector settings. */ + scope?: string + /** @description The Logto connector ID. */ + connectorId: string + } + } + } + responses: { + /** @description Successfully created the social verification record and returned the authorization URI. */ + 201: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + /** @description The ID of the verification record. */ + verificationRecordId: string + /** @description The authorization URI to navigate to for authentication and authorization in the connected social identity provider. */ + authorizationUri: string + /** @description The expiration date and time of the verification record. */ + expiresAt: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector specified by connectorId is not found. */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description The connector specified by connectorId is not a valid social connector. */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyVerificationBySocial: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description A json object constructed from the url query params returned by the social platform. Typically it contains `code`, `state` and `redirectUri` fields. */ + connectorData: Record + verificationRecordId: string + /** @description The verification ID of the SocialVerification record. */ + verificationId?: unknown + } + } + } + responses: { + /** @description The social verification record has been successfully verified and the user information has been saved. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + verificationRecordId: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unprocessable Content */ + 422: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + GenerateWebAuthnRegistrationOptions: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody?: never + responses: { + /** @description Successfully generated the WebAuthn registration options. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + verificationRecordId: string + registrationOptions: { + rp: { + name: string + id?: string + } + user: { + id: string + name: string + displayName: string + } + challenge: string + pubKeyCredParams: { + /** Format: "public-key" */ + type: string + alg: number + }[] + timeout?: number + excludeCredentials?: { + /** Format: "public-key" */ + type: string + id: string + transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + }[] + authenticatorSelection?: { + /** @enum {string} */ + authenticatorAttachment?: "platform" | "cross-platform" + requireResidentKey?: boolean + /** @enum {string} */ + residentKey?: "discouraged" | "preferred" | "required" + /** @enum {string} */ + userVerification?: "required" | "preferred" | "discouraged" + } + /** @enum {string} */ + attestation?: "none" | "indirect" | "direct" | "enterprise" + extensions?: { + appid?: string + credProps?: boolean + hmacCreateSecret?: boolean + } + } + expiresAt: string + } + } + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } + VerifyWebAuthnRegistration: { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + requestBody: { + content: { + "application/json": { + /** @description The ID of the verification record. */ + verificationRecordId: string + /** @description The payload of the WebAuthn device. */ + payload: { + /** Format: "WebAuthn" */ + type: string + id: string + rawId: string + response: { + clientDataJSON: string + attestationObject: string + authenticatorData?: string + transports?: ("usb" | "nfc" | "ble" | "internal" | "cable" | "hybrid" | "smart-card")[] + publicKeyAlgorithm?: number + publicKey?: string + } + /** @enum {string} */ + authenticatorAttachment?: "cross-platform" | "platform" + clientExtensionResults: { + appid?: boolean + crepProps?: { + rk?: boolean + } + hmacCreateSecret?: boolean + } + } + } + } + } + responses: { + /** @description The WebAuthn registration has been successfully verified. */ + 200: { + headers: { + [name: string]: unknown + } + content: { + "application/json": { + verificationRecordId: string + } + } + } + /** @description Bad Request */ + 400: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Unauthorized */ + 401: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Forbidden */ + 403: { + headers: { + [name: string]: unknown + } + content?: never + } + /** @description Not Found */ + 404: { + headers: { + [name: string]: unknown + } + content?: never + } + } + } +} diff --git a/src/types/saturday.d.ts b/src/types/saturday.d.ts index e8e0d77..e8885c8 100644 --- a/src/types/saturday.d.ts +++ b/src/types/saturday.d.ts @@ -438,16 +438,36 @@ export interface paths { patch?: never trace?: never } + "/upload": { + parameters: { + query?: never + header?: never + path?: never + cookie?: never + } + get?: never + put?: never + /** + * Upload image file + * @description Upload an image file (JPEG, PNG, WebP). Max size: 10MB. Use 'file' as the field name in multipart form. + */ + post: operations["upload-file"] + delete?: never + options?: never + head?: never + patch?: never + trace?: never + } } export type webhooks = Record export interface components { schemas: { "ActivateMemberRequest": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/ActivateMemberRequest.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/ActivateMemberRequest.json + */ readonly $schema?: string MemberId: string alias: string @@ -458,29 +478,30 @@ export interface components { } "AlterCommitEventInputBody": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/AlterCommitEventInputBody.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/AlterCommitEventInputBody.json + */ readonly $schema?: string content: string + images?: string[] | null size?: string } "Bind-member-logto-idRequest": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/Bind-member-logto-idRequest.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/Bind-member-logto-idRequest.json + */ readonly $schema?: string password: string } "ClientTokenResponse": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/ClientTokenResponse.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/ClientTokenResponse.json + */ readonly $schema?: string /** Format: int64 */ clientId: number @@ -492,40 +513,42 @@ export interface components { } "CommitEventInputBody": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/CommitEventInputBody.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/CommitEventInputBody.json + */ readonly $schema?: string content: string + images?: string[] | null size?: string } "Create-token-via-wechatRequest": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/Create-token-via-wechatRequest.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/Create-token-via-wechatRequest.json + */ readonly $schema?: string code: string } "Create-tokenRequest": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/Create-tokenRequest.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/Create-tokenRequest.json + */ readonly $schema?: string password: string } "CreateClientEventInputBody": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/CreateClientEventInputBody.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/CreateClientEventInputBody.json + */ readonly $schema?: string contactPreference?: string + images?: string[] | null model?: string phone: string problem: string @@ -533,10 +556,10 @@ export interface components { } "CreateMemberRequest": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/CreateMemberRequest.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/CreateMemberRequest.json + */ readonly $schema?: string alias: string avatar: string @@ -551,10 +574,10 @@ export interface components { } "CreateMemberTokenResponse": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/CreateMemberTokenResponse.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/CreateMemberTokenResponse.json + */ readonly $schema?: string alias: string avatar: string @@ -583,49 +606,49 @@ export interface components { } "ErrorModel": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/ErrorModel.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/ErrorModel.json + */ readonly $schema?: string /** - * @description A human-readable explanation specific to this occurrence of the problem. - * @example Property foo is required but is missing. - */ + * @description A human-readable explanation specific to this occurrence of the problem. + * @example Property foo is required but is missing. + */ detail?: string /** @description Optional list of individual error details */ errors?: components["schemas"]["ErrorDetail"][] | null /** - * Format: uri - * @description A URI reference that identifies the specific occurrence of the problem. - * @example https://example.com/error-log/abc123 - */ + * Format: uri + * @description A URI reference that identifies the specific occurrence of the problem. + * @example https://example.com/error-log/abc123 + */ instance?: string /** - * Format: int64 - * @description HTTP status code - * @example 400 - */ + * Format: int64 + * @description HTTP status code + * @example 400 + */ status?: number /** - * @description A short, human-readable summary of the problem type. This value should not change between occurrences of the error. - * @example Bad Request - */ + * @description A short, human-readable summary of the problem type. This value should not change between occurrences of the error. + * @example Bad Request + */ title?: string /** - * Format: uri - * @description A URI reference to human-readable documentation for the error. - * @default about:blank - * @example https://example.com/errors/example - */ + * Format: uri + * @description A URI reference to human-readable documentation for the error. + * @default about:blank + * @example https://example.com/errors/example + */ type: string } "Event": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/Event.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/Event.json + */ readonly $schema?: string /** Format: int64 */ clientId: number @@ -638,6 +661,7 @@ export interface components { githubIssueNumber: components["schemas"]["NullInt64"] gmtCreate: string gmtModified: string + images?: string[] | null logs: components["schemas"]["EventLog"][] | null member: components["schemas"]["PublicMember"] memberId: string @@ -652,20 +676,30 @@ export interface components { action: string description: string gmtCreate: string + images?: string[] | null /** Format: int64 */ logId: number memberId: string } + "FileUploadResponse": { + /** + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/FileUploadResponse.json + */ + readonly $schema?: string + url: string + } "Item": { enabled: boolean notificationType: string } "Member": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/Member.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/Member.json + */ readonly $schema?: string alias: string avatar: string @@ -700,23 +734,23 @@ export interface components { } "PingResponse": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/PingResponse.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/PingResponse.json + */ readonly $schema?: string /** - * @description Ping message - * @example ping - */ + * @description Ping message + * @example ping + */ message: string } "PublicEvent": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/PublicEvent.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/PublicEvent.json + */ readonly $schema?: string /** Format: int64 */ clientId: number @@ -729,6 +763,7 @@ export interface components { githubIssueNumber: number gmtCreate: string gmtModified: string + images?: string[] | null logs: components["schemas"]["EventLog"][] | null member: components["schemas"]["PublicMember"] model: string @@ -738,10 +773,10 @@ export interface components { } "PublicMember": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/PublicMember.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/PublicMember.json + */ readonly $schema?: string alias: string avatar: string @@ -754,12 +789,13 @@ export interface components { } "UpdateClientEventInputBody": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/UpdateClientEventInputBody.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/UpdateClientEventInputBody.json + */ readonly $schema?: string contactPreference?: string + images?: string[] | null model?: string phone: string problem: string @@ -768,20 +804,20 @@ export interface components { } "UpdateMemberAvatarInputBody": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/UpdateMemberAvatarInputBody.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/UpdateMemberAvatarInputBody.json + */ readonly $schema?: string /** @description Avatar URL */ avatar: string } "UpdateMemberBasicRequest": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/UpdateMemberBasicRequest.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/UpdateMemberBasicRequest.json + */ readonly $schema?: string memberId: string name: string @@ -790,10 +826,10 @@ export interface components { } "UpdateMemberRequest": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/UpdateMemberRequest.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/UpdateMemberRequest.json + */ readonly $schema?: string MemberId: string alias: string @@ -805,10 +841,10 @@ export interface components { } "UpdateNotificationPreferencesInputBody": { /** - * Format: uri - * @description A URL to the JSON Schema for this object. - * @example https://api.nbtca.space/schemas/UpdateNotificationPreferencesInputBody.json - */ + * Format: uri + * @description A URL to the JSON Schema for this object. + * @example https://api.nbtca.space/schemas/UpdateNotificationPreferencesInputBody.json + */ readonly $schema?: string preferences: components["schemas"]["Item"][] | null } @@ -866,14 +902,14 @@ export interface operations { parameters: { query?: { /** - * @description Offset - * @example 0 - */ + * @description Offset + * @example 0 + */ offset?: number /** - * @description Limit - * @example 50 - */ + * @description Limit + * @example 50 + */ limit?: number status?: string order?: string @@ -921,9 +957,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -964,9 +1000,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1007,9 +1043,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1124,14 +1160,14 @@ export interface operations { parameters: { query?: { /** - * @description Offset - * @example 0 - */ + * @description Offset + * @example 0 + */ offset?: number /** - * @description Limit - * @example 50 - */ + * @description Limit + * @example 50 + */ limit?: number status?: string[] | null order?: string @@ -1247,9 +1283,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1290,9 +1326,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1488,14 +1524,14 @@ export interface operations { parameters: { query?: { /** - * @description Offset - * @example 0 - */ + * @description Offset + * @example 0 + */ offset?: number /** - * @description Limit - * @example 50 - */ + * @description Limit + * @example 50 + */ limit?: number status?: string order?: string @@ -1543,9 +1579,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1586,9 +1622,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1629,9 +1665,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1672,9 +1708,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1719,9 +1755,9 @@ export interface operations { } path: { /** - * @description Event ID - * @example 123 - */ + * @description Event ID + * @example 123 + */ EventId: number } cookie?: never @@ -1875,14 +1911,14 @@ export interface operations { parameters: { query?: { /** - * @description Offset - * @example 0 - */ + * @description Offset + * @example 0 + */ offset?: number /** - * @description Limit - * @example 50 - */ + * @description Limit + * @example 50 + */ limit?: number } header?: never @@ -1961,14 +1997,14 @@ export interface operations { parameters: { query?: { /** - * @description Offset - * @example 0 - */ + * @description Offset + * @example 0 + */ offset?: number /** - * @description Limit - * @example 50 - */ + * @description Limit + * @example 50 + */ limit?: number } header?: { @@ -2011,9 +2047,9 @@ export interface operations { header?: never path: { /** - * @description Name to greet - * @example 2333333333 - */ + * @description Name to greet + * @example 2333333333 + */ MemberId: string } cookie?: never @@ -2054,9 +2090,9 @@ export interface operations { } path: { /** - * @description Member ID - * @example 2333333333 - */ + * @description Member ID + * @example 2333333333 + */ MemberId: string } cookie?: never @@ -2101,9 +2137,9 @@ export interface operations { } path: { /** - * @description Member ID - * @example 2333333333 - */ + * @description Member ID + * @example 2333333333 + */ MemberId: string } cookie?: never @@ -2147,9 +2183,9 @@ export interface operations { } path: { /** - * @description Member Id - * @example 2333333333 - */ + * @description Member Id + * @example 2333333333 + */ MemberId: string } cookie?: never @@ -2191,9 +2227,9 @@ export interface operations { header?: never path: { /** - * @description Member Id - * @example 2333333333 - */ + * @description Member Id + * @example 2333333333 + */ MemberId: string } cookie?: never @@ -2263,4 +2299,51 @@ export interface operations { } } } + "upload-file": { + parameters: { + query?: never + header?: { + /** @description Bearer token or JWT token */ + Authorization?: string + } + path?: never + cookie?: never + } + requestBody?: { + content: { + "multipart/form-data": { + /** + * Format: binary + * @description Image file to upload (max 10MB) + */ + file: string + } + } + } + responses: { + /** @description OK */ + 200: { + headers: { + "X-Limit"?: number | null + "X-Offset"?: number | null + "X-Page"?: number | null + "X-Total-Count"?: number | null + "X-Total-Pages"?: number | null + [name: string]: unknown + } + content: { + "application/json": components["schemas"]["FileUploadResponse"] + } + } + /** @description Error */ + default: { + headers: { + [name: string]: unknown + } + content: { + "application/problem+json": components["schemas"]["ErrorModel"] + } + } + } + } }