credentials object requires different properties depending on the phone provider (which is specified using the name property).\n",
+ "tags": [
+ "branding"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateBrandingPhoneProviderRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateBrandingPhoneProviderRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Phone notification provider successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateBrandingPhoneProviderResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:phone_provider."
+ },
+ "409": {
+ "description": "Custom phone provider conflict."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "create_phone_provider",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "providers"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:phone_providers"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/phone/providers/{id}": {
+ "get": {
+ "summary": "Get a phone provider",
+ "description": "Retrieve phone provider details. A list of fields to include or exclude may also be specified.\n",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Phone provider successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetBrandingPhoneProviderResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid id for provider."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:phone_provider."
+ },
+ "404": {
+ "description": "Phone provider has not been configured."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_phone_provider",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "providers"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:phone_providers"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Deletes a Phone Provider",
+ "description": "Delete the configured phone provider.\n",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Phone provider successfully deleted."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:phone_provider."
+ },
+ "404": {
+ "description": "Phone provider has not been configured."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_phone_provider",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "providers"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:phone_providers"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update the phone provider",
+ "description": "Update a phone provider.\nThe credentials object requires different properties depending on the phone provider (which is specified using the name property).\n",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateBrandingPhoneProviderRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateBrandingPhoneProviderRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Phone provider successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateBrandingPhoneProviderResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:phone_provider."
+ },
+ "404": {
+ "description": "Phone provider has not been configured."
+ },
+ "409": {
+ "description": "Custom phone provider conflict."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "update_phone_provider",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "providers"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:phone_providers"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/phone/providers/{id}/try": {
+ "post": {
+ "summary": "Send a test phone notification for the configured provider",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneProviderSendTestRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneProviderSendTestRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "202": {
+ "description": "Phone notification sent.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneProviderSendTestResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected: create:phone_provider."
+ },
+ "404": {
+ "description": "Phone provider has not been configured."
+ },
+ "409": {
+ "description": "Custom phone provider conflict."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "try_phone_provider",
+ "x-operation-name": "test",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "providers"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:phone_providers"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/phone/templates": {
+ "get": {
+ "summary": "Get a list of phone notification templates",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "disabled",
+ "in": "query",
+ "description": "Whether the template is enabled (false) or disabled (true).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether the template is enabled (false) or disabled (true)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The phone notification templates were retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListPhoneTemplatesResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:phone_templates"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_phone_templates",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListPhoneTemplatesRequestParameters",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:phone_templates"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a phone notification template",
+ "tags": [
+ "branding"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneTemplateRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneTemplateRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "The phone notification template was created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: create:phone_templates"
+ },
+ "409": {
+ "description": "Phone template already configured for tenant"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "create_phone_template",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:phone_templates"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/phone/templates/{id}": {
+ "get": {
+ "summary": "Get a phone notification template",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The phone notification template were retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetPhoneTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:phone_templates"
+ },
+ "404": {
+ "description": "Phone template does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_phone_template",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:phone_templates"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a phone notification template",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "The phone notification template was deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: delete:phone_templates"
+ },
+ "404": {
+ "description": "Phone template does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_phone_template",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:phone_templates"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update a phone notification template",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdatePhoneTemplateRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdatePhoneTemplateRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "The phone notification template was updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdatePhoneTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: update:phone_templates"
+ },
+ "404": {
+ "description": "Phone template does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "update_phone_template",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:phone_templates"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/phone/templates/{id}/reset": {
+ "patch": {
+ "summary": "Resets a phone notification template values",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ResetPhoneTemplateRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/ResetPhoneTemplateRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "The phone notification template was reset.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ResetPhoneTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: create:phone_templates"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "reset_phone_template",
+ "x-operation-name": "reset",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:phone_templates"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/phone/templates/{id}/try": {
+ "post": {
+ "summary": "Send a test phone notification for the configured template",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "required": true,
+ "schema": {
+ "type": "string"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneTemplateTestNotificationRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneTemplateTestNotificationRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "202": {
+ "description": "The phone testing notification for the template was sent",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePhoneTemplateTestNotificationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: create:phone_templates"
+ },
+ "404": {
+ "description": "Phone template does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "try_phone_template",
+ "x-operation-name": "test",
+ "x-operation-group": [
+ "branding",
+ "phone",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:phone_templates"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/templates/universal-login": {
+ "get": {
+ "summary": "Get template for New Universal Login Experience",
+ "tags": [
+ "branding"
+ ],
+ "responses": {
+ "200": {
+ "description": "Template successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetUniversalLoginTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "402": {
+ "description": "A paid subscription is required for this feature."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: read:branding"
+ },
+ "404": {
+ "description": "Template does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_universal-login",
+ "x-operation-name": "getUniversalLogin",
+ "x-operation-group": [
+ "branding",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:branding"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete template for New Universal Login Experience",
+ "tags": [
+ "branding"
+ ],
+ "responses": {
+ "204": {
+ "description": "Template successfully deleted."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "402": {
+ "description": "A paid subscription is required for this feature."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: delete:branding."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_universal-login",
+ "x-operation-name": "deleteUniversalLogin",
+ "x-operation-group": [
+ "branding",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:branding"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Set template for New Universal Login Experience",
+ "description": "Update the Universal Login branding template.\n\nWhen content-type header is set to application/json, the expected body must be JSON:
\n{\n \"template\": \"<!DOCTYPE html><html><head>{%- auth0:head -%}</head><body>{%- auth0:widget -%}</body></html>\"\n}\n\n\n\n When content-type header is set to text/html, the expected body must be the HTML template:\n
\n<!DOCTYPE html>\n<code>\n <html>\n <head>\n {%- auth0:head -%}\n </head>\n <body>\n {%- auth0:widget -%}\n </body>\n </html>\n</code>\n\n",
+ "tags": [
+ "branding"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateUniversalLoginTemplateRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateUniversalLoginTemplateRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Template successfully created."
+ },
+ "204": {
+ "description": "Template successfully updated."
+ },
+ "400": {
+ "description": "Payload content length greater than maximum allowed: 102400.",
+ "x-description-1": "Payload content missing required Liquid tags (auth0:head and auth0:widget)."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "402": {
+ "description": "A paid subscription is required for this feature."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: update:branding."
+ },
+ "409": {
+ "description": "Template update conflict."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_universal-login",
+ "x-operation-name": "updateUniversalLogin",
+ "x-operation-group": [
+ "branding",
+ "templates"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:branding"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/themes": {
+ "post": {
+ "summary": "Create branding theme",
+ "description": "Create branding theme.",
+ "tags": [
+ "branding"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateBrandingThemeRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateBrandingThemeRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Branding settings successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateBrandingThemeResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:branding."
+ },
+ "409": {
+ "description": "There was an error updating branding settings: The theme already exists"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_branding_theme",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "branding",
+ "themes"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:branding"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/themes/default": {
+ "get": {
+ "summary": "Get default branding theme",
+ "description": "Retrieve default branding theme.",
+ "tags": [
+ "branding"
+ ],
+ "responses": {
+ "200": {
+ "description": "Branding theme successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetBrandingDefaultThemeResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "The specified client cannot perform the requested operation.",
+ "x-description-1": "Insufficient scope; expected any of: read:branding."
+ },
+ "404": {
+ "description": "There was an error retrieving branding settings: invalid theme ID"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_default_branding_theme",
+ "x-operation-name": "getDefault",
+ "x-operation-group": [
+ "branding",
+ "themes"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:branding"
+ ]
+ }
+ ]
+ }
+ },
+ "/branding/themes/{themeId}": {
+ "get": {
+ "summary": "Get branding theme",
+ "description": "Retrieve branding theme.",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "themeId",
+ "in": "path",
+ "description": "The ID of the theme",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The ID of the theme"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Branding theme successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetBrandingThemeResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "The specified client cannot perform the requested operation.",
+ "x-description-1": "Insufficient scope; expected any of: read:branding."
+ },
+ "404": {
+ "description": "There was an error retrieving branding settings: invalid theme ID"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_branding_theme",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "branding",
+ "themes"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:branding"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete branding theme",
+ "description": "Delete branding theme.",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "themeId",
+ "in": "path",
+ "description": "The ID of the theme",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The ID of the theme"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Branding theme successfully deleted."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "The specified client cannot perform the requested operation.",
+ "x-description-1": "Insufficient scope; expected any of: delete:branding."
+ },
+ "404": {
+ "description": "There was an error deleting branding settings: invalid theme ID"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_branding_theme",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "branding",
+ "themes"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:branding"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update branding theme",
+ "description": "Update branding theme.",
+ "tags": [
+ "branding"
+ ],
+ "parameters": [
+ {
+ "name": "themeId",
+ "in": "path",
+ "description": "The ID of the theme",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The ID of the theme"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateBrandingThemeRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateBrandingThemeRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Branding settings successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateBrandingThemeResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:branding."
+ },
+ "404": {
+ "description": "There was an error updating branding settings: invalid theme ID"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_branding_theme",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "branding",
+ "themes"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:branding"
+ ]
+ }
+ ]
+ }
+ },
+ "/client-grants": {
+ "get": {
+ "summary": "Get client grants",
+ "description": "Retrieve a list of client grants, including the scopes associated with the application/API pair.\n",
+ "tags": [
+ "client-grants"
+ ],
+ "parameters": [
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page."
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional Id from which to start selection.",
+ "schema": {
+ "type": "string",
+ "description": "Optional Id from which to start selection."
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "audience",
+ "in": "query",
+ "description": "Optional filter on audience.",
+ "schema": {
+ "type": "string",
+ "description": "Optional filter on audience."
+ }
+ },
+ {
+ "name": "client_id",
+ "in": "query",
+ "description": "Optional filter on client_id.",
+ "schema": {
+ "type": "string",
+ "description": "Optional filter on client_id."
+ }
+ },
+ {
+ "name": "allow_any_organization",
+ "in": "query",
+ "description": "Optional filter on allow_any_organization.",
+ "schema": {
+ "$ref": "#/components/schemas/ClientGrantAllowAnyOrganizationEnum"
+ }
+ },
+ {
+ "name": "subject_type",
+ "in": "query",
+ "description": "The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta’s Master Subscription Agreement.",
+ "schema": {
+ "$ref": "#/components/schemas/ClientGrantSubjectTypeEnum"
+ },
+ "x-release-lifecycle": "EA"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Client grants successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListClientGrantResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:client_grants."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_client-grants",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListClientGrantsRequestParameters",
+ "x-operation-group": "clientGrants",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:client_grants"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create client grant",
+ "description": "Create a client grant for a machine-to-machine login flow. To learn more, read Client Credential Flow.",
+ "tags": [
+ "client-grants"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateClientGrantRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateClientGrantRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Client grant successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateClientGrantResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:client_grants."
+ },
+ "404": {
+ "description": "Resource server not found",
+ "x-description-1": "Client not found"
+ },
+ "409": {
+ "description": "A resource server with the same identifier already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_client-grants",
+ "x-operation-name": "create",
+ "x-operation-group": "clientGrants",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:client_grants"
+ ]
+ }
+ ]
+ }
+ },
+ "/client-grants/{id}": {
+ "delete": {
+ "summary": "Delete client grant",
+ "description": "Delete the Client Credential Flow from your machine-to-machine application.\n",
+ "tags": [
+ "client-grants"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the client grant to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client grant to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Client grant successfully deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:client_grants."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_client-grants_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "clientGrants",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:client_grants"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update client grant",
+ "description": "Update a client grant.",
+ "tags": [
+ "client-grants"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the client grant to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client grant to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateClientGrantRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateClientGrantRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Client grant successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateClientGrantResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:client_grants."
+ },
+ "404": {
+ "description": "The client grant does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_client-grants_by_id",
+ "x-operation-name": "update",
+ "x-operation-group": "clientGrants",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:client_grants"
+ ]
+ }
+ ]
+ }
+ },
+ "/client-grants/{id}/organizations": {
+ "get": {
+ "summary": "Get the organizations associated to a client grant",
+ "tags": [
+ "client-grants"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the client grant",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client grant"
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional Id from which to start selection.",
+ "schema": {
+ "type": "string",
+ "description": "Optional Id from which to start selection."
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Organizations successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListClientGrantOrganizationsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause.",
+ "x-description-1": "Invalid query string paging options. The message will vary depending on the cause"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organization_client_grants."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_client-grant-organizations",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListClientGrantOrganizationsRequestParameters",
+ "x-operation-group": [
+ "clientGrants",
+ "organizations"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organization_client_grants"
+ ]
+ }
+ ]
+ }
+ },
+ "/clients": {
+ "get": {
+ "summary": "Get clients",
+ "description": "Retrieve clients (applications and SSO integrations) matching provided filters. A list of fields to include or exclude may also be specified.\nFor more information, read Applications in Auth0 and Single Sign-On.\n\nclient_id, app_type, name, and description.\n read:clients or\n read:client_keys scope:\n callbacks, oidc_logout, allowed_origins,\n web_origins, tenant, global, config_route,\n callback_url_template, jwt_configuration,\n jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded,\n jwt_configuration.scopes, jwt_configuration.alg, api_type,\n logo_uri, allowed_clients, owners, custom_login_page,\n custom_login_page_off, sso, addons, form_template,\n custom_login_page_codeview, resource_servers, client_metadata,\n mobile, mobile.android, mobile.ios, allowed_logout_urls,\n token_endpoint_auth_method, is_first_party, oidc_conformant,\n is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types,\n refresh_token, refresh_token.rotation_type, refresh_token.expiration_type,\n refresh_token.leeway, refresh_token.token_lifetime, refresh_token.policies, organization_usage,\n organization_require_behavior.\n read:client_keys or read:client_credentials scope:\n encryption_key, encryption_key.pub, encryption_key.cert,\n client_secret, client_authentication_methods and signing_key.\n client_authentication_methods and token_endpoint_auth_method properties are mutually exclusive. Use \nclient_authentication_methods to configure the client with Private Key JWT authentication method. Otherwise, use token_endpoint_auth_method\nto configure the client with client secret (basic or post) or with no authentication method (none).\n- When using client_authentication_methods to configure the client with Private Key JWT authentication method, specify fully defined credentials. \nThese credentials will be automatically enabled for Private Key JWT authentication on the client. \n- To configure client_authentication_methods, the create:client_credentials scope is required.\n- To configure client_authentication_methods, the property jwt_configuration.alg must be set to RS256.\n\nclient_authentication_methods property on the client. To enable credentials to be used for JWT-Secured Authorization requests set the signed_request_object property on the client.\n",
+ "tags": [
+ "clients"
+ ],
+ "parameters": [
+ {
+ "name": "client_id",
+ "in": "path",
+ "description": "ID of the client.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credentials successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/ClientCredential"
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:client_credentials."
+ },
+ "404": {
+ "description": "Client not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_credentials",
+ "x-operation-name": "list",
+ "x-operation-group": [
+ "clients",
+ "credentials"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:client_credentials"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a client credential",
+ "description": "Create a client credential associated to your application. Credentials can be used to configure Private Key JWT and mTLS authentication methods, as well as for JWT-secured Authorization requests.\n\n{\n \"credential_type\": \"public_key\",\n \"name\": \"string\",\n \"pem\": \"string\",\n \"alg\": \"RS256\",\n \"parse_expiry_from_cert\": false,\n \"expires_at\": \"2022-12-31T23:59:59Z\"\n}{\n \"credential_type\": \"x509_cert\",\n \"name\": \"string\",\n \"pem\": \"string\"\n}{\n \"credential_type\": \"cert_subject_dn\",\n \"name\": \"string\",\n \"subject_dn\": \"string\"\n}{\n \"credential_type\": \"cert_subject_dn\",\n \"name\": \"string\",\n \"pem\": \"string\"\n}client_authentication_methods property on the client. For more information, read Configure Private Key JWT Authentication and Configure mTLS Authenticationsigned_request_objectproperty on the client. For more information, read Configure JWT-secured Authorization Requests (JAR)client_authentication_methods property on the client. To enable credentials to be used for JWT-Secured Authorization requests set the signed_request_object property on the client.\n",
+ "tags": [
+ "clients"
+ ],
+ "parameters": [
+ {
+ "name": "client_id",
+ "in": "path",
+ "description": "ID of the client.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client."
+ }
+ },
+ {
+ "name": "credential_id",
+ "in": "path",
+ "description": "ID of the credential.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the credential."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Credential successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetClientCredentialResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:client_credentials."
+ },
+ "404": {
+ "description": "Client not found.",
+ "x-description-1": "Credential does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_credentials_by_credential_id",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "clients",
+ "credentials"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:client_credentials"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a client credential",
+ "description": "Delete a client credential you previously created. May be enabled or disabled. For more information, read Client Credential Flow.",
+ "tags": [
+ "clients"
+ ],
+ "parameters": [
+ {
+ "name": "client_id",
+ "in": "path",
+ "description": "ID of the client.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client."
+ }
+ },
+ {
+ "name": "credential_id",
+ "in": "path",
+ "description": "ID of the credential to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the credential to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Credential successfully deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:client_credentials."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_credentials_by_credential_id",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "clients",
+ "credentials"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:client_credentials"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update a client credential",
+ "description": "Change a client credential you previously created. May be enabled or disabled. For more information, read Client Credential Flow.",
+ "tags": [
+ "clients"
+ ],
+ "parameters": [
+ {
+ "name": "client_id",
+ "in": "path",
+ "description": "ID of the client.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client."
+ }
+ },
+ {
+ "name": "credential_id",
+ "in": "path",
+ "description": "ID of the credential.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the credential."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/PatchClientCredentialRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/PatchClientCredentialRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Credential successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/PatchClientCredentialResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:client_credentials."
+ },
+ "404": {
+ "description": "Client not found.",
+ "x-description-1": "Credential does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_credentials_by_credential_id",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "clients",
+ "credentials"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:client_credentials"
+ ]
+ }
+ ]
+ }
+ },
+ "/clients/{id}": {
+ "get": {
+ "summary": "Get client by ID",
+ "description": "Retrieve client details by ID. Clients are SSO connections or Applications linked with your Auth0 tenant. A list of fields to include or exclude may also be specified. \nFor more information, read Applications in Auth0 and Single Sign-On.\nclient_id, app_type, name, and description.\n read:clients or\n read:client_keys scopes:\n callbacks, oidc_logout, allowed_origins,\n web_origins, tenant, global, config_route,\n callback_url_template, jwt_configuration,\n jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded,\n jwt_configuration.scopes, jwt_configuration.alg, api_type,\n logo_uri, allowed_clients, owners, custom_login_page,\n custom_login_page_off, sso, addons, form_template,\n custom_login_page_codeview, resource_servers, client_metadata,\n mobile, mobile.android, mobile.ios, allowed_logout_urls,\n token_endpoint_auth_method, is_first_party, oidc_conformant,\n is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types,\n refresh_token, refresh_token.rotation_type, refresh_token.expiration_type,\n refresh_token.leeway, refresh_token.token_lifetime, refresh_token.policies, organization_usage,\n organization_require_behavior.\n read:client_keys or read:client_credentials scopes:\n encryption_key, encryption_key.pub, encryption_key.cert,\n client_secret, client_authentication_methods and signing_key.\n client_authentication_methods and token_endpoint_auth_method properties are mutually exclusive. Use client_authentication_methods to configure the client with Private Key JWT authentication method. Otherwise, use token_endpoint_auth_method to configure the client with client secret (basic or post) or with no authentication method (none).\n- When using client_authentication_methods to configure the client with Private Key JWT authentication method, only specify the credential IDs that were generated when creating the credentials on the client.\n- To configure client_authentication_methods, the update:client_credentials scope is required.\n- To configure client_authentication_methods, the property jwt_configuration.alg must be set to RS256.\n- To change a client's is_first_party property to false, the organization_usage and organization_require_behavior properties must be unset.\n",
+ "tags": [
+ "clients"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the client to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateClientRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateClientRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Client successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateClientResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:clients, update:client_keys.",
+ "x-description-1": "Some fields cannot be updated with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes.",
+ "x-description-2": "The account is not allowed to perform this operation.",
+ "x-description-3": "Organizations are only available to first party clients on user-based flows. Properties organization_usage and organization_require_behavior must be unset for third party clients."
+ },
+ "404": {
+ "description": "Client not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_clients_by_id",
+ "x-operation-name": "update",
+ "x-operation-group": "clients",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:clients",
+ "update:client_keys",
+ "update:client_credentials"
+ ]
+ }
+ ]
+ }
+ },
+ "/clients/{id}/connections": {
+ "get": {
+ "summary": "Get enabled connections for a client",
+ "description": "Retrieve all connections that are enabled for the specified Application, using checkpoint pagination. A list of fields to include or exclude for each connection may also be specified.\nread:connections scope and any one of read:clients or read:client_summary.\n from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no further results are remaining.\n true if the fields specified are to be included in the result, false otherwise (defaults to true)",
+ "schema": {
+ "type": "boolean",
+ "description": "true if the fields specified are to be included in the result, false otherwise (defaults to true)"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Success",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListClientConnectionsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: read:connections and any of: read:clients or read:client_summary."
+ },
+ "404": {
+ "description": "Client does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_client_connections",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "clients",
+ "connections"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:connections",
+ "read:clients",
+ "read:client_summary"
+ ]
+ }
+ ]
+ }
+ },
+ "/clients/{id}/rotate-secret": {
+ "post": {
+ "summary": "Rotate a client secret",
+ "description": "Rotate a client secret.\n\nThis endpoint cannot be used with clients configured with Private Key JWT authentication method (client_authentication_methods configured with private_key_jwt). The generated secret is NOT base64 encoded.\n\nFor more information, read Rotate Client Secrets.",
+ "tags": [
+ "clients"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the client that will rotate secrets.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the client that will rotate secrets."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Secret successfully rotated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/RotateClientSecretResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:client_keys.",
+ "x-description-1": "Some fields cannot be updated with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes."
+ },
+ "404": {
+ "description": "Client not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_rotate-secret",
+ "x-operation-name": "rotateSecret",
+ "x-operation-group": "clients",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:client_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections": {
+ "get": {
+ "summary": "Get all connections",
+ "description": "Retrieves detailed list of all connections that match the specified strategy. If no strategy is provided, all connections within your tenant are retrieved. This action can accept a list of fields to include or exclude from the resulting list of connections. \n\nThis endpoint supports two types of pagination:\nfrom: Optional id from which to start selection.take: The total amount of entries to retrieve when using the from parameter. Defaults to 50.from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "The amount of entries per page. Defaults to 100 if not provided",
+ "schema": {
+ "type": "integer",
+ "description": "The amount of entries per page. Defaults to 100 if not provided"
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "The page number. Zero based",
+ "schema": {
+ "type": "integer",
+ "description": "The page number. Zero based"
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "true if a query summary must be included in the result, false otherwise. Not returned when using checkpoint pagination. Default false.",
+ "schema": {
+ "type": "boolean",
+ "description": "true if a query summary must be included in the result, false otherwise. Not returned when using checkpoint pagination. Default false."
+ }
+ },
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional Id from which to start selection.",
+ "schema": {
+ "type": "string",
+ "description": "Optional Id from which to start selection."
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "strategy",
+ "in": "query",
+ "description": "Provide strategies to only retrieve connections with such strategies",
+ "style": "form",
+ "explode": true,
+ "schema": {
+ "type": "array",
+ "description": "Provide strategies to only retrieve connections with such strategies",
+ "items": {
+ "$ref": "#/components/schemas/ConnectionStrategyEnum"
+ }
+ }
+ },
+ {
+ "name": "name",
+ "in": "query",
+ "description": "Provide the name of the connection to retrieve",
+ "schema": {
+ "type": "string",
+ "description": "Provide the name of the connection to retrieve"
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields",
+ "schema": {
+ "type": "string",
+ "description": "A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields"
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "true if the fields specified are to be included in the result, false otherwise (defaults to true)",
+ "schema": {
+ "type": "boolean",
+ "description": "true if the fields specified are to be included in the result, false otherwise (defaults to true)"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The connections were retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListConnectionsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:connections"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_connections",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListConnectionsQueryParameters",
+ "x-operation-group": "connections",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:connections"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a connection",
+ "description": "Creates a new connection according to the JSON object received in body.true if the fields specified are to be included in the result, false otherwise (defaults to true)",
+ "schema": {
+ "type": "boolean",
+ "description": "true if the fields specified are to be included in the result, false otherwise (defaults to true)"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The connection was retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetConnectionResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:connections"
+ },
+ "404": {
+ "description": "The connection does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_connections_by_id",
+ "x-operation-name": "get",
+ "x-operation-request-parameters-name": "GetConnectionRequestParameters",
+ "x-operation-group": "connections",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:connections"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a connection",
+ "description": "Removes a specific connection from your tenant. This action cannot be undone. Once removed, users can no longer use this connection to authenticate.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to delete",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to delete"
+ }
+ }
+ ],
+ "responses": {
+ "202": {
+ "description": "The connection is being deleted."
+ },
+ "204": {
+ "description": "The connection no longer exists."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: delete:connections"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_connections_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "connections",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:connections"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update a connection",
+ "description": "Update details for a specific connection, including option properties for identity provider configuration.\n\nNote: If you use the options parameter, the entire options object is overriden. To avoid partial data or other issues, ensure all parameters are present when using this option.",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to update",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to update"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateConnectionRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateConnectionRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "The connection was updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateConnectionResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-2": "This database contains users. You cannot change \"options.enabledDatabaseCustomization\" setting.",
+ "x-description-3": "Your account is not allowed to set options.set_user_root_attributes",
+ "x-description-4": "The Azure AD common endpoint cannot be enabled for this connection when SCIM is enabled.",
+ "x-description-5": "options.set_user_root_attributes can be set only for enterprise connections, social connections or custom database connections (using external users store)"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: update:connections"
+ },
+ "404": {
+ "description": "The connection does not exist"
+ },
+ "409": {
+ "description": "The name/client_id tuple has already been used for another connection"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_connections_by_id",
+ "x-operation-name": "update",
+ "x-operation-group": "connections",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:connections"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/clients": {
+ "get": {
+ "summary": "Get enabled clients for a connection",
+ "description": "Retrieve all clients that have the specified connection enabled.\n\nNote: The first time you call this endpoint, omit the from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no further results are remaining.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection for which enabled clients are to be retrieved",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection for which enabled clients are to be retrieved"
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional Id from which to start selection.",
+ "schema": {
+ "type": "string",
+ "description": "Optional Id from which to start selection."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Success",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetConnectionEnabledClientsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:connections"
+ },
+ "404": {
+ "description": "The connection does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_connection_clients",
+ "x-operation-name": "get",
+ "x-operation-request-parameters-name": "GetConnectionEnabledClientsRequestParameters",
+ "x-operation-group": [
+ "connections",
+ "clients"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:connections"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update enabled clients for a connection",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to modify",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to modify"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateEnabledClientConnectionsRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateEnabledClientConnectionsRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "204": {
+ "description": "Success"
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-2": "Tenant Phone Provider not set. Connection can not be enable on a client.",
+ "x-description-3": "Passwordless cannot be enabled for a client, as delivery method (sms/text) is not supported by the configured Tenant phone provider"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: update:connections"
+ },
+ "404": {
+ "description": "The connection does not exist",
+ "x-description-1": "The client does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_clients",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "connections",
+ "clients"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:connections"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/keys": {
+ "get": {
+ "summary": "Get connection keys",
+ "description": "Gets the connection keys for the Okta or OIDC connection strategy.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the connection",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the connection"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Connection keys successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/ConnectionKey"
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "keys are not available for this connection"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:connections_keys."
+ },
+ "404": {
+ "description": "Connection not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_keys",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "connections",
+ "keys"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:connections_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/keys/rotate": {
+ "post": {
+ "summary": "Rotate connection keys",
+ "description": "Rotates the connection keys for the Okta or OIDC connection strategies.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the connection",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the connection"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/RotateConnectionKeysRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/RotateConnectionKeysRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Connection keys successfully rotated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/RotateConnectionsKeysResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Key rotation is not supported on this connection",
+ "x-description-2": "Connection is not configured to use JWT Client Authentication"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected all of: create:connections_keys, update:connections_keys."
+ },
+ "404": {
+ "description": "Connection not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_rotate",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "rotate",
+ "x-operation-group": [
+ "connections",
+ "keys"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:connections_keys",
+ "update:connections_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/scim-configuration": {
+ "get": {
+ "summary": "Get a connection's SCIM configuration",
+ "description": "Retrieves a scim configuration by its connectionId.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to retrieve its SCIM configuration",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to retrieve its SCIM configuration"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The connection's SCIM configuration was retrieved. See Response Schemas for schema.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetScimConfigurationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Path validation error"
+ },
+ "404": {
+ "description": "The connection does not exist",
+ "x-description-1": "Not Found"
+ }
+ },
+ "operationId": "get_scim-configuration",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "connections",
+ "scimConfiguration"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:scim_config"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a connection's SCIM configuration",
+ "description": "Deletes a scim configuration by its connectionId.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to delete its SCIM configuration",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to delete its SCIM configuration"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "The connection's SCIM configuration has been deleted."
+ },
+ "400": {
+ "description": "Path validation error"
+ },
+ "404": {
+ "description": "The connection does not exist"
+ }
+ },
+ "operationId": "delete_scim-configuration",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "connections",
+ "scimConfiguration"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:scim_config"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Patch a connection's SCIM configuration",
+ "description": "Update a scim configuration by its connectionId.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to update its SCIM configuration",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to update its SCIM configuration"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateScimConfigurationRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateScimConfigurationRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "The connection's SCIM configuration was updated. See Response Schemas for schema.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateScimConfigurationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid mapping provided",
+ "x-description-1": "Invalid payload",
+ "x-description-2": "Path validation error"
+ },
+ "404": {
+ "description": "The connection does not exist"
+ }
+ },
+ "operationId": "patch_scim-configuration",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "connections",
+ "scimConfiguration"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:scim_config"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a SCIM configuration",
+ "description": "Create a scim configuration for a connection.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to create its SCIM configuration",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to create its SCIM configuration"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateScimConfigurationRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateScimConfigurationRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "The connection's SCIM configuration was created. See Response Schemas for schema.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateScimConfigurationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Path validation error",
+ "x-description-1": "SCIM configuration alreay exists for connection",
+ "x-description-2": "Invalid mapping provided",
+ "x-description-3": "Invalid payload",
+ "x-description-4": "SCIM cannot be enabled for this connection when the Azure AD common endpoint is used."
+ },
+ "404": {
+ "description": "The connection does not exist"
+ }
+ },
+ "operationId": "post_scim-configuration",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "connections",
+ "scimConfiguration"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:scim_config"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/scim-configuration/default-mapping": {
+ "get": {
+ "summary": "Get a connection's default SCIM mapping",
+ "description": "Retrieves a scim configuration's default mapping by its connectionId.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to retrieve its default SCIM mapping",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to retrieve its default SCIM mapping"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The connection's default SCIM mapping was retrieved. See Response Schemas for schema.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetScimConfigurationDefaultMappingResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Path validation error"
+ },
+ "404": {
+ "description": "Not Found",
+ "x-description-1": "The connection does not exist"
+ }
+ },
+ "operationId": "get_default-mapping",
+ "x-operation-name": "getDefaultMapping",
+ "x-operation-group": [
+ "connections",
+ "scimConfiguration"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:scim_config"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/scim-configuration/tokens": {
+ "get": {
+ "summary": "Get a connection's SCIM tokens",
+ "description": "Retrieves all scim tokens by its connection id.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to retrieve its SCIM configuration",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to retrieve its SCIM configuration"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The connection's SCIM tokens were retrieved. See Response Schemas for schema.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetScimTokensResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Path validation error"
+ },
+ "404": {
+ "description": "The connection does not exist"
+ }
+ },
+ "operationId": "get_scim_tokens",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "connections",
+ "scimConfiguration",
+ "tokens"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:scim_token"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a SCIM Token",
+ "description": "Create a scim token for a scim client.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection to create its SCIM token",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection to create its SCIM token"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateScimTokenRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateScimTokenRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "The connection's SCIM token was created. See Response Schemas for schema.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateScimTokenResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Path validation error"
+ },
+ "404": {
+ "description": "The connection does not exist"
+ },
+ "409": {
+ "description": "Maximum of 2 tokens already issued for this connection"
+ }
+ },
+ "operationId": "post_scim_token",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "connections",
+ "scimConfiguration",
+ "tokens"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:scim_token"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/scim-configuration/tokens/{tokenId}": {
+ "delete": {
+ "summary": "Delete a connection's SCIM token",
+ "description": "Deletes a scim token by its connection id and tokenId.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The connection id that owns the SCIM token to delete",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The connection id that owns the SCIM token to delete"
+ }
+ },
+ {
+ "name": "tokenId",
+ "in": "path",
+ "description": "The id of the scim token to delete",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the scim token to delete"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "The SCIM token has been deleted."
+ },
+ "400": {
+ "description": "Path validation error"
+ },
+ "404": {
+ "description": "The connection does not exist"
+ }
+ },
+ "operationId": "delete_tokens_by_tokenId",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "connections",
+ "scimConfiguration",
+ "tokens"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:scim_token"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/status": {
+ "get": {
+ "summary": "Check connection status",
+ "description": "Retrieves the status of an ad/ldap connection referenced by its ID. 200 OK http status code response is returned when the connection is online, otherwise a 404 status code is returned along with an error message",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the connection to check",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the connection to check"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Connection status successfully retrieved."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:connections."
+ },
+ "404": {
+ "description": "Connection not found.",
+ "x-description-1": "not connected to any node"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_status",
+ "x-operation-name": "checkStatus",
+ "x-operation-group": "connections",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:connections"
+ ]
+ }
+ ]
+ }
+ },
+ "/connections/{id}/users": {
+ "delete": {
+ "summary": "Delete a connection user",
+ "description": "Deletes a specified connection user by its email (you cannot delete all users from specific connection). Currently, only Database Connections are supported.\n",
+ "tags": [
+ "connections"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the connection (currently only database connections are supported)",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the connection (currently only database connections are supported)"
+ }
+ },
+ {
+ "name": "email",
+ "in": "query",
+ "description": "The email of the user to delete",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The email of the user to delete"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "The user no longer exists."
+ },
+ "400": {
+ "description": "The connection does not exist",
+ "x-description-1": "Connection must be a database connection",
+ "x-description-2": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: delete:users"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_users_by_email",
+ "x-operation-name": "deleteByEmail",
+ "x-operation-request-parameters-name": "DeleteConnectionUsersByEmailQueryParameters",
+ "x-operation-group": [
+ "connections",
+ "users"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/custom-domains": {
+ "get": {
+ "summary": "Get custom domains configurations",
+ "description": "Retrieve details on custom domains.",
+ "tags": [
+ "custom-domains"
+ ],
+ "responses": {
+ "200": {
+ "description": "Custom domains successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListCustomDomainsResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:custom_domains.",
+ "x-description-1": "Some fields cannot be read with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes.",
+ "x-description-2": "The account is not allowed to perform this operation.",
+ "x-description-3": "There must be a verified credit card on file to perform this operation"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_custom-domains",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListCustomDomainsRequestParameters",
+ "x-operation-group": "customDomains",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:custom_domains"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Configure a new custom domain",
+ "description": "Create a new custom domain.\n\nNote: The custom domain will need to be verified before it will accept\nrequests.\n\nOptional attributes that can be updated:\n\n- custom_client_ip_header\n- tls_policy\n\n\nTLS Policies:\n\n- recommended - for modern usage this includes TLS 1.2 only\n",
+ "tags": [
+ "custom-domains"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateCustomDomainRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateCustomDomainRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Custom domain successfully created (verification is pending).",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateCustomDomainResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "The 'tls_policy' cannot be set on self_managed domains",
+ "x-description-2": "The 'custom_client_ip_header' cannot be set on auth0_managed domains"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:custom_domains.",
+ "x-description-1": "The account is not allowed to perform this operation.",
+ "x-description-2": "There must be a verified credit card on file to perform this operation"
+ },
+ "409": {
+ "description": "Custom domain already exists.",
+ "x-description-1": "You reached the maximum number of custom domains for your account."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_custom-domains",
+ "x-operation-name": "create",
+ "x-operation-group": "customDomains",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:custom_domains"
+ ]
+ }
+ ]
+ }
+ },
+ "/custom-domains/{id}": {
+ "get": {
+ "summary": "Get custom domain configuration",
+ "description": "Retrieve a custom domain configuration and status.",
+ "tags": [
+ "custom-domains"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the custom domain to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the custom domain to retrieve."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Custom domain successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetCustomDomainResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:custom_domains.",
+ "x-description-1": "Some fields cannot be read with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes.",
+ "x-description-2": "The account is not allowed to perform this operation.",
+ "x-description-3": "There must be a verified credit card on file to perform this operation"
+ },
+ "404": {
+ "description": "Custom domain not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_custom-domains_by_id",
+ "x-operation-name": "get",
+ "x-operation-group": "customDomains",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:custom_domains"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete custom domain configuration",
+ "description": "Delete a custom domain and stop serving requests for it.",
+ "tags": [
+ "custom-domains"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the custom domain to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the custom domain to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Custom domain successfully deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:custom_domains.",
+ "x-description-1": "The account is not allowed to perform this operation.",
+ "x-description-2": "There must be a verified credit card on file to perform this operation."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_custom-domains_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "customDomains",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:custom_domains"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update custom domain configuration",
+ "description": "Update a custom domain.\n\nThese are the attributes that can be updated:\n\n- custom_client_ip_header\n- tls_policy\n\ncustom_client_ip_header for a domain, the body to\nsend should be:\n{ \"custom_client_ip_header\": \"cf-connecting-ip\" }tls_policy for a domain, the body to send should be:\n{ \"tls_policy\": \"recommended\" }compatible TLS policy is no longer supported.\n",
+ "tags": [
+ "custom-domains"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the custom domain to update",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the custom domain to update"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateCustomDomainRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateCustomDomainRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Custom domain updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateCustomDomainResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "The 'tls_policy' cannot be set on self_managed domains",
+ "x-description-2": "The 'custom_client_ip_header' cannot be set on auth0_managed domains"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: update:custom_domains.",
+ "x-description-1": "Your account is not allowed to perform this operation.",
+ "x-description-2": "There must be a verified credit card on file to perform this operation"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_custom-domains_by_id",
+ "x-operation-name": "update",
+ "x-operation-group": "customDomains",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:custom_domains"
+ ]
+ }
+ ]
+ }
+ },
+ "/custom-domains/{id}/test": {
+ "post": {
+ "summary": "Test a custom domain",
+ "description": "Run the test process on a custom domain.",
+ "tags": [
+ "custom-domains"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the custom domain to test.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the custom domain to test."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Custom domain test successfully completed.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/TestCustomDomainResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:custom_domains.",
+ "x-description-1": "The account is not allowed to perform this operation.",
+ "x-description-2": "There must be a verified credit card on file to perform this operation"
+ },
+ "404": {
+ "description": "Custom domain not found."
+ },
+ "409": {
+ "description": "The custom domain is not ready."
+ }
+ },
+ "operationId": "post_test_domain",
+ "x-operation-name": "test",
+ "x-operation-group": "customDomains",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:custom_domains"
+ ]
+ }
+ ]
+ }
+ },
+ "/custom-domains/{id}/verify": {
+ "post": {
+ "summary": "Verify a custom domain",
+ "description": "Run the verification process on a custom domain.\n\nNote: Check the status field to see its verification status. Once verification is complete, it may take up to 10 minutes before the custom domain can start accepting requests.\n\nFor self_managed_certs, when the custom domain is verified for the first time, the response will also include the cname_api_key which you will need to configure your proxy. This key must be kept secret, and is used to validate the proxy requests.\n\nLearn more about verifying custom domains that use Auth0 Managed certificates.\nLearn more about verifying custom domains that use Self Managed certificates.\n",
+ "tags": [
+ "custom-domains"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the custom domain to verify.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the custom domain to verify."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Custom domain successfully verified.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/VerifyCustomDomainResponseContent"
+ }
+ }
+ },
+ "x-description-1": "Custom domain failed verification."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Custom domain already verified."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:custom_domains.",
+ "x-description-1": "The account is not allowed to perform this operation.",
+ "x-description-2": "There must be a verified credit card on file to perform this operation"
+ },
+ "404": {
+ "description": "Custom domain not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_verify",
+ "x-operation-name": "verify",
+ "x-operation-group": "customDomains",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:custom_domains"
+ ]
+ }
+ ]
+ }
+ },
+ "/device-credentials": {
+ "get": {
+ "summary": "Retrieve device credentials",
+ "description": "Retrieve device credential information (public_key, refresh_token, or rotating_refresh_token) associated with a specific user.\n",
+ "tags": [
+ "device-credentials"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. There is a maximum of 1000 results allowed from this endpoint.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. There is a maximum of 1000 results allowed from this endpoint."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)."
+ }
+ },
+ {
+ "name": "user_id",
+ "in": "query",
+ "description": "user_id of the devices to retrieve.",
+ "schema": {
+ "type": "string",
+ "description": "user_id of the devices to retrieve."
+ }
+ },
+ {
+ "name": "client_id",
+ "in": "query",
+ "description": "client_id of the devices to retrieve.",
+ "schema": {
+ "type": "string",
+ "description": "client_id of the devices to retrieve."
+ }
+ },
+ {
+ "name": "type",
+ "in": "query",
+ "description": "Type of credentials to retrieve. Must be `public_key`, `refresh_token` or `rotating_refresh_token`. The property will default to `refresh_token` when paging is requested",
+ "schema": {
+ "$ref": "#/components/schemas/DeviceCredentialTypeEnum"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Device credentials successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListDeviceCredentialsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation.",
+ "x-description-3": "Username is malformed, try with '{connection}\\{email_or_username}'",
+ "x-description-4": "Bad username or password."
+ },
+ "403": {
+ "description": "User to be acted on does not match subject in bearer token.",
+ "x-description-1": "Insufficient scope, expected any of: read:device_credentials",
+ "x-description-2": "Cannot retrieve device credentials for that user.",
+ "x-description-3": "Cannot retrieve device credentials for that client.",
+ "x-description-4": "Must provide client_id parameter."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_device-credentials",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListDeviceCredentialsRequestParameters",
+ "x-operation-group": "deviceCredentials",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:device_credentials"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a device public key credential",
+ "description": "Create a device credential public key to manage refresh token rotation for a given user_id. Device Credentials APIs are designed for ad-hoc administrative use only and paging is by default enabled for GET requests.\n\nWhen refresh token rotation is enabled, the endpoint becomes consistent. For more information, read Signing Keys.\n",
+ "tags": [
+ "device-credentials"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePublicKeyDeviceCredentialRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePublicKeyDeviceCredentialRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Device credentials successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreatePublicKeyDeviceCredentialResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Username is malformed, try with \"{connection}\\{email_or_username}\".",
+ "x-description-3": "Bad username or password."
+ },
+ "403": {
+ "description": "Cannot create device credentials for that user.",
+ "x-description-1": "Cannot create device credentials for that client.",
+ "x-description-2": "Insufficient scope; expected any of: create:current_user_device_credentials."
+ },
+ "409": {
+ "description": "A public key already exists for the device."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_device-credentials",
+ "x-operation-name": "createPublicKey",
+ "x-operation-group": "deviceCredentials",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:current_user_device_credentials"
+ ]
+ }
+ ]
+ }
+ },
+ "/device-credentials/{id}": {
+ "delete": {
+ "summary": "Delete a device credential",
+ "description": "Permanently delete a device credential (such as a refresh token or public key) with the given ID.",
+ "tags": [
+ "device-credentials"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the credential to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the credential to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Device credentials successfully deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation.",
+ "x-description-3": "Username is malformed, try with \"{connection}\\{email_or_username}\".",
+ "x-description-4": "Bad username or password."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:device_credentials, update:current_user, delete:current_user_device_credentials."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_device-credentials_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "deviceCredentials",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:device_credentials",
+ "delete:current_user_device_credentials"
+ ]
+ }
+ ]
+ }
+ },
+ "/email-templates": {
+ "post": {
+ "summary": "Create an email template",
+ "description": "Create an email template.",
+ "tags": [
+ "email-templates"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateEmailTemplateRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateEmailTemplateRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Template successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateEmailTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: create:email_templates."
+ },
+ "409": {
+ "description": "Template (templateName) already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_email-templates",
+ "x-operation-name": "create",
+ "x-operation-group": "emailTemplates",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:email_templates"
+ ]
+ }
+ ]
+ }
+ },
+ "/email-templates/{templateName}": {
+ "get": {
+ "summary": "Get an email template",
+ "description": "Retrieve an email template by pre-defined name. These names are `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, and `async_approval`. The names `change_password`, and `password_reset` are also supported for legacy scenarios.",
+ "tags": [
+ "email-templates"
+ ],
+ "parameters": [
+ {
+ "name": "templateName",
+ "in": "path",
+ "description": "Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `async_approval`, `change_password` (legacy), or `password_reset` (legacy).",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Template successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetEmailTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: read:email_templates."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_email-templates_by_templateName",
+ "x-operation-name": "get",
+ "x-operation-group": "emailTemplates",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:email_templates"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Patch an email template",
+ "description": "Modify an email template.",
+ "tags": [
+ "email-templates"
+ ],
+ "parameters": [
+ {
+ "name": "templateName",
+ "in": "path",
+ "description": "Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `async_approval`, `change_password` (legacy), or `password_reset` (legacy).",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateEmailTemplateRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateEmailTemplateRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Template successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateEmailTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: update:email_templates."
+ },
+ "404": {
+ "description": "Template not found and cannot be updated."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_email-templates_by_templateName",
+ "x-operation-name": "update",
+ "x-operation-group": "emailTemplates",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:email_templates"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Update an email template",
+ "description": "Update an email template.",
+ "tags": [
+ "email-templates"
+ ],
+ "parameters": [
+ {
+ "name": "templateName",
+ "in": "path",
+ "description": "Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `async_approval`, `change_password` (legacy), or `password_reset` (legacy).",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetEmailTemplateRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/SetEmailTemplateRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Template successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetEmailTemplateResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: update:email_templates."
+ },
+ "404": {
+ "description": "Template not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_email-templates_by_templateName",
+ "x-operation-name": "set",
+ "x-operation-group": "emailTemplates",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:email_templates"
+ ]
+ }
+ ]
+ }
+ },
+ "/emails/provider": {
+ "get": {
+ "summary": "Get email provider",
+ "description": "Retrieve details of the email provider configuration in your tenant. A list of fields to include or exclude may also be specified.\n",
+ "tags": [
+ "emails"
+ ],
+ "parameters": [
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (dependent upon include_fields) from the result. Leave empty to retrieve `name` and `enabled`. Additional fields available include `credentials`, `default_from_address`, and `settings`.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (dependent upon include_fields) from the result. Leave empty to retrieve `name` and `enabled`. Additional fields available include `credentials`, `default_from_address`, and `settings`."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Email provider successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetEmailProviderResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:email_provider."
+ },
+ "404": {
+ "description": "Email provider has not been configured."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_provider",
+ "x-operation-name": "get",
+ "x-operation-request-parameters-name": "GetEmailProviderRequestParameters",
+ "x-operation-group": [
+ "emails",
+ "provider"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:email_provider"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete email provider",
+ "description": "Delete the email provider.\n",
+ "tags": [
+ "emails"
+ ],
+ "responses": {
+ "204": {
+ "description": "The email provider has been deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: delete:email_provider"
+ },
+ "404": {
+ "description": "Email provider does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_provider",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "emails",
+ "provider"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:email_provider"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update email provider",
+ "description": "Update an email provider. The credentials object\nrequires different properties depending on the email provider (which is specified using the name property):\nmandrill requires api_keysendgrid requires api_keysparkpost requires api_key. Optionally, set region to eu to use\n the SparkPost service hosted in Western Europe; set to null to use the SparkPost service hosted in\n North America. eu or null are the only valid values for region.\n mailgun requires api_key and domain. Optionally, set region to\n eu to use the Mailgun service hosted in Europe; set to null otherwise. eu or\n null are the only valid values for region.\n ses requires accessKeyId, secretAccessKey, and regionsmtp requires smtp_host, smtp_port, smtp_user, and\n smtp_pass\n settings object with different configuration\noptions, which will be used when sending an email:\nsmtp provider, settings may contain headers object.\n X-SES-Configuration-Set header. Value must be a string.\n X-MSYS_API header. Value must be an object.\n ses provider, settings may contain message object, where you can provide\n a name of configuration set in configuration_set_name property. Value must be a string.\n credentials object\nrequires different properties depending on the email provider (which is specified using the name property):\nmandrill requires api_keysendgrid requires api_keysparkpost requires api_key. Optionally, set region to eu to use\n the SparkPost service hosted in Western Europe; set to null to use the SparkPost service hosted in\n North America. eu or null are the only valid values for region.\n mailgun requires api_key and domain. Optionally, set region to\n eu to use the Mailgun service hosted in Europe; set to null otherwise. eu or\n null are the only valid values for region.\n ses requires accessKeyId, secretAccessKey, and regionsmtp requires smtp_host, smtp_port, smtp_user, and\n smtp_pass\n settings object with different configuration\noptions, which will be used when sending an email:\nsmtp provider, settings may contain headers object.\n X-SES-Configuration-Set header. Value must be a string.\n X-MSYS_API header. Value must be an object.\n ses provider, settings may contain message object, where you can provide\n a name of configuration set in configuration_set_name property. Value must be a string.\n all-applications policy prompts with MFA for all logins.confidence-score policy prompts with MFA only for low confidence logins.confidence-score policy is part of the Adaptive MFA feature. Adaptive MFA requires an add-on for the Enterprise plan; review Auth0 Pricing for more details.\n",
+ "tags": [
+ "guardian"
+ ],
+ "responses": {
+ "200": {
+ "description": "Success",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListGuardianPoliciesResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid input based on schemas"
+ },
+ "401": {
+ "description": "Token has expired or signature is invalid"
+ },
+ "403": {
+ "description": "Insufficient scope"
+ }
+ },
+ "operationId": "get_policies",
+ "x-operation-name": "list",
+ "x-operation-group": [
+ "guardian",
+ "policies"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:mfa_policies"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Update multi-factor authentication policies",
+ "description": "Set multi-factor authentication (MFA) policies for your tenant.\n\nThe following policies are supported:\nall-applications policy prompts with MFA for all logins.confidence-score policy prompts with MFA only for low confidence logins.confidence-score policy is part of the Adaptive MFA feature. Adaptive MFA requires an add-on for the Enterprise plan; review Auth0 Pricing for more details.\n",
+ "tags": [
+ "guardian"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetGuardianPoliciesRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/SetGuardianPoliciesRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Policies updated",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetGuardianPoliciesResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid input based on schemas"
+ },
+ "401": {
+ "description": "Token has expired or signature is invalid"
+ },
+ "403": {
+ "description": "Insufficient scope"
+ }
+ },
+ "operationId": "put_policies",
+ "x-operation-name": "set",
+ "x-operation-group": [
+ "guardian",
+ "policies"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:mfa_policies"
+ ]
+ }
+ ]
+ }
+ },
+ "/hooks": {
+ "get": {
+ "summary": "Get hooks",
+ "description": "Retrieve all hooks. Accepts a list of fields to include or exclude in the result.\n",
+ "tags": [
+ "hooks"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "enabled",
+ "in": "query",
+ "description": "Optional filter on whether a hook is enabled (true) or disabled (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Optional filter on whether a hook is enabled (true) or disabled (false)."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "triggerId",
+ "in": "query",
+ "description": "Retrieves hooks that match the trigger",
+ "schema": {
+ "$ref": "#/components/schemas/HookTriggerIdEnum"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Hooks successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListHooksResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:hooks."
+ },
+ "404": {
+ "description": "Hook not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_hooks",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListHooksRequestParameters",
+ "x-operation-group": "hooks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:hooks"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a hook",
+ "description": "Create a new hook.\n",
+ "tags": [
+ "hooks"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateHookRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateHookRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Hook successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateHookResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:hooks.",
+ "x-description-1": "This endpoint is disabled for your tenant."
+ },
+ "409": {
+ "description": "Hook with the same name already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_hooks",
+ "x-operation-name": "create",
+ "x-operation-group": "hooks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:hooks"
+ ]
+ }
+ ]
+ }
+ },
+ "/hooks/{id}": {
+ "get": {
+ "summary": "Get a hook",
+ "description": "Retrieve a hook by its ID. Accepts a list of fields to include in the result.\n",
+ "tags": [
+ "hooks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the hook to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the hook to retrieve."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include in the result. Leave empty to retrieve all fields."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Hook successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetHookResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:hooks."
+ },
+ "404": {
+ "description": "Hook not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_hooks_by_id",
+ "x-operation-name": "get",
+ "x-operation-request-parameters-name": "GetHookRequestParameters",
+ "x-operation-group": "hooks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:hooks"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a hook",
+ "description": "Delete a hook.\n",
+ "tags": [
+ "hooks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the hook to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the hook to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Hook successfully deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:hooks."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_hooks_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "hooks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:hooks"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update a hook",
+ "description": "Update an existing hook.\n",
+ "tags": [
+ "hooks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the hook to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the hook to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateHookRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateHookRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Hook successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateHookResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:hooks.",
+ "x-description-1": "This endpoint is disabled for your tenant."
+ },
+ "404": {
+ "description": "The hook does not exist"
+ },
+ "409": {
+ "description": "A hook with the same name already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_hooks_by_id",
+ "x-operation-name": "update",
+ "x-operation-group": "hooks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:hooks"
+ ]
+ }
+ ]
+ }
+ },
+ "/hooks/{id}/secrets": {
+ "get": {
+ "summary": "Get hook secrets",
+ "description": "Retrieve a hook's secrets by the ID of the hook. \n",
+ "tags": [
+ "hooks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the hook to retrieve secrets from.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the hook to retrieve secrets from."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Hook secrets successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetHookSecretResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:hooks."
+ },
+ "404": {
+ "description": "Hook not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_secrets",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "hooks",
+ "secrets"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:hooks"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete hook secrets",
+ "description": "Delete one or more existing secrets for a given hook. Accepts an array of secret names to delete. ",
+ "tags": [
+ "hooks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the hook whose secrets to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the hook whose secrets to delete."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/DeleteHookSecretRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/DeleteHookSecretRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "204": {
+ "description": "Hook secrets successfully deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:hooks."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_secrets",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "hooks",
+ "secrets"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:hooks"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update hook secrets",
+ "description": "Update one or more existing secrets for an existing hook. Accepts an object of key-value pairs, where the key is the name of the existing secret. \n",
+ "tags": [
+ "hooks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the hook whose secrets to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the hook whose secrets to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateHookSecretRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateHookSecretRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Hook secrets successfully updated."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:hooks.",
+ "x-description-1": "This endpoint is disabled for your tenant."
+ },
+ "404": {
+ "description": "Hook or secret not found."
+ },
+ "409": {
+ "description": "Secret with the same name already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_secrets",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "hooks",
+ "secrets"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:hooks"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Add hook secrets",
+ "description": "Add one or more secrets to an existing hook. Accepts an object of key-value pairs, where the key is the name of the secret. A hook can have a maximum of 20 secrets. \n",
+ "tags": [
+ "hooks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the hook to retrieve",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the hook to retrieve"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateHookSecretRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateHookSecretRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Hook secrets successfully added."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:hooks.",
+ "x-description-1": "This endpoint is disabled for your tenant."
+ },
+ "409": {
+ "description": "Secret with the same name already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_secrets",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "hooks",
+ "secrets"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:hooks"
+ ]
+ }
+ ]
+ }
+ },
+ "/jobs/users-exports": {
+ "post": {
+ "summary": "Create export users job",
+ "description": "Export all users to a file via a long-running job.",
+ "tags": [
+ "jobs"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateExportUsersRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateExportUsersRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Job created successfully.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateExportUsersResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "The connection does not exist."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:users."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_users-exports",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "jobs",
+ "usersExports"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/jobs/users-imports": {
+ "post": {
+ "summary": "Create import users job",
+ "description": "Import users from a formatted file into a connection via a long-running job. When importing users, with or without upsert, the `email_verified` is set to `false` when the email address is added or updated. Users must verify their email address. To avoid this behavior, set `email_verified` to `true` in the imported data.",
+ "tags": [
+ "jobs"
+ ],
+ "requestBody": {
+ "content": {
+ "multipart/form-data": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateImportUsersRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "202": {
+ "description": "Job successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateImportUsersResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "Must provide 'users' file as multipart part.",
+ "x-description-2": "Payload validation error: 'Invalid multipart payload format'.",
+ "x-description-3": "Users file must not be empty.",
+ "x-description-4": "Must provide 'connection_id' as multipart part.",
+ "x-description-5": "Connection must be a database connection.",
+ "x-description-6": "Connection must be enabled.",
+ "x-description-7": "Payload validation error: 'String does not match pattern ^con_[A-Za-z0-9]{16}$' on property connection_id.",
+ "x-description-8": "The connection does not exist.",
+ "x-description-9": "Custom Database Connections without import mode are not allowed."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:users."
+ },
+ "413": {
+ "description": "Payload content length greater than maximum allowed: 512000."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ },
+ "500": {
+ "description": "Internal error."
+ }
+ },
+ "operationId": "post_users-imports",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "jobs",
+ "usersImports"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/jobs/verification-email": {
+ "post": {
+ "summary": "Send an email address verification email",
+ "description": "Send an email to the specified user that asks them to click a link to verify their email address.\n\nNote: You must have the `Status` toggle enabled for the verification email template for the email to be sent.",
+ "tags": [
+ "jobs"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateVerificationEmailRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateVerificationEmailRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Job successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateVerificationEmailResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request parameters. The message will vary depending on the cause.",
+ "x-description-1": "Connection must be a database connection.",
+ "x-description-2": "User does not have an email address.",
+ "x-description-3": "connection does not exist.",
+ "x-description-4": "Connection must be enabled.",
+ "x-description-5": "The organization does not exist"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:users."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_verification-email",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "jobs",
+ "verificationEmail"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/jobs/{id}": {
+ "get": {
+ "summary": "Get a job",
+ "description": "Retrieves a job. Useful to check its status.",
+ "tags": [
+ "jobs"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the job.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the job."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Job retrieved successfully.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetJobResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:users."
+ },
+ "404": {
+ "description": "Job not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_jobs_by_id",
+ "x-operation-name": "get",
+ "x-operation-group": "jobs",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:users",
+ "read:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/jobs/{id}/errors": {
+ "get": {
+ "summary": "Get job error details",
+ "description": "Retrieve error details of a failed job.",
+ "tags": [
+ "jobs"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the job.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the job."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Job successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/GetJobErrorResponseContent"
+ }
+ },
+ {
+ "$ref": "#/components/schemas/GetJobGenericErrorResponseContent"
+ }
+ ]
+ }
+ }
+ }
+ },
+ "204": {
+ "description": "The job was retrieved, but no errors were found.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/GetJobErrorResponseContent"
+ }
+ },
+ {
+ "$ref": "#/components/schemas/GetJobGenericErrorResponseContent"
+ }
+ ]
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: create:users"
+ },
+ "404": {
+ "description": "The job does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_errors",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "jobs",
+ "errors"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:users",
+ "read:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/custom-signing": {
+ "get": {
+ "summary": "Get custom signing keys",
+ "description": "Get entire jwks representation of custom signing keys.",
+ "tags": [
+ "keys"
+ ],
+ "responses": {
+ "200": {
+ "description": "Custom signing keys were successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetCustomSigningKeysResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:custom_signing_keys."
+ },
+ "404": {
+ "description": "No custom signing keys found for this tenant. Upload custom signing keys first."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_custom_signing_keys",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "keys",
+ "customSigning"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:custom_signing_keys"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete custom signing keys",
+ "description": "Delete entire jwks representation of custom signing keys.",
+ "tags": [
+ "keys"
+ ],
+ "responses": {
+ "204": {
+ "description": "Custom signing keys were successfully deleted."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:custom_signing_keys."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_custom_signing_keys",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "keys",
+ "customSigning"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:custom_signing_keys"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Create or replace custom signing keys",
+ "description": "Create or replace entire jwks representation of custom signing keys.",
+ "tags": [
+ "keys"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetCustomSigningKeysRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/SetCustomSigningKeysRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Custom signing keys were successfully created or replaced.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetCustomSigningKeysResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Payload validation error."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected all of: create:custom_signing_keys,update:custom_signing_keys."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_custom_signing_keys",
+ "x-operation-name": "set",
+ "x-operation-group": [
+ "keys",
+ "customSigning"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:custom_signing_keys",
+ "update:custom_signing_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/encryption": {
+ "get": {
+ "summary": "Get all encryption keys",
+ "description": "Retrieve details of all the encryption keys associated with your tenant.",
+ "tags": [
+ "keys"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Default value is 50, maximum value is 100.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Default value is 50, maximum value is 100."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The keys were successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListEncryptionKeysResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:encryption_keys."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_encryption_keys",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListEncryptionKeysRequestParameters",
+ "x-operation-group": [
+ "keys",
+ "encryption"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:encryption_keys"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create the new encryption key",
+ "description": "Create the new, pre-activated encryption key, without the key material.",
+ "tags": [
+ "keys"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateEncryptionKeyRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateEncryptionKeyRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "The key was successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateEncryptionKeyResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Request body is invalid. Unsupported key \"type\" provided."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:encryption_keys."
+ },
+ "409": {
+ "description": "Encryption key has already been created."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_encryption",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "keys",
+ "encryption"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:encryption_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/encryption/rekey": {
+ "post": {
+ "summary": "Rekey the key hierarchy",
+ "description": "Perform rekeying operation on the key hierarchy.",
+ "tags": [
+ "keys"
+ ],
+ "responses": {
+ "204": {
+ "description": "The key hierarchy was successfully rekeyed."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected all of: create:encryption_keys update:encryption_keys."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_encryption_rekey",
+ "x-operation-name": "rekey",
+ "x-operation-group": [
+ "keys",
+ "encryption"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:encryption_keys",
+ "update:encryption_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/encryption/{kid}": {
+ "get": {
+ "summary": "Get the encryption key by its key id",
+ "description": "Retrieve details of the encryption key with the given ID.",
+ "tags": [
+ "keys"
+ ],
+ "parameters": [
+ {
+ "name": "kid",
+ "in": "path",
+ "description": "Encryption key ID",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Encryption key ID"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The key was successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetEncryptionKeyResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid UUID format in uri.",
+ "x-description-1": "Invalid key id or unsupported key type."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:encryption_keys."
+ },
+ "404": {
+ "description": "The key does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_encryption_key",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "keys",
+ "encryption"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:encryption_keys"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete the encryption key by its key id",
+ "description": "Delete the custom provided encryption key with the given ID and move back to using native encryption key.",
+ "tags": [
+ "keys"
+ ],
+ "parameters": [
+ {
+ "name": "kid",
+ "in": "path",
+ "description": "Encryption key ID",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Encryption key ID"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "The key was successfully deleted."
+ },
+ "400": {
+ "description": "Invalid UUID format in uri.",
+ "x-description-1": "Invalid key id or unsupported key type."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:encryption_keys."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_encryption_key",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "keys",
+ "encryption"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:encryption_keys"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Import the encryption key",
+ "description": "Import wrapped key material and activate encryption key.",
+ "tags": [
+ "keys"
+ ],
+ "parameters": [
+ {
+ "name": "kid",
+ "in": "path",
+ "description": "Encryption key ID",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Encryption key ID"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ImportEncryptionKeyRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/ImportEncryptionKeyRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "The key was successfully imported.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ImportEncryptionKeyResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "The key ID was not found.",
+ "x-description-1": "Invalid UUID format in uri.",
+ "x-description-2": "Invalid input. Wrapped key material is invalid or unsupported key type."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:encryption_keys."
+ },
+ "409": {
+ "description": "Failed precondition. Key import not in progress or unable to find the wrapping key. Make sure you have followed all the steps to import a key."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_encryption_key",
+ "x-operation-name": "import",
+ "x-operation-group": [
+ "keys",
+ "encryption"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:encryption_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/encryption/{kid}/wrapping-key": {
+ "post": {
+ "summary": "Create the public wrapping key",
+ "description": "Create the public wrapping key to wrap your own encryption key material.",
+ "tags": [
+ "keys"
+ ],
+ "parameters": [
+ {
+ "name": "kid",
+ "in": "path",
+ "description": "Encryption key ID",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Encryption key ID"
+ }
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "The public wrapping key was successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateEncryptionKeyPublicWrappingResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid UUID format in uri.",
+ "x-description-1": "Invalid key id or unsupported key type."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:encryption_keys."
+ },
+ "409": {
+ "description": "Failed precondition. Create new encryption key without the key material first."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_encryption_wrapping_key",
+ "x-operation-name": "createPublicWrappingKey",
+ "x-operation-group": [
+ "keys",
+ "encryption"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:encryption_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/signing": {
+ "get": {
+ "summary": "Get all Application Signing Keys",
+ "description": "Retrieve details of all the application signing keys associated with your tenant.",
+ "tags": [
+ "keys"
+ ],
+ "responses": {
+ "200": {
+ "description": "The signing keys were retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/SigningKeys"
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:signing_keys"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_signing_keys",
+ "x-operation-name": "list",
+ "x-operation-group": [
+ "keys",
+ "signing"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:signing_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/signing/rotate": {
+ "post": {
+ "summary": "Rotate the Application Signing Key",
+ "description": "Rotate the application signing key of your tenant.",
+ "tags": [
+ "keys"
+ ],
+ "responses": {
+ "201": {
+ "description": "Signing key rotated successfully.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/RotateSigningKeysResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected create:signing_keys and update:signing_keys."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_signing_keys",
+ "x-operation-name": "rotate",
+ "x-operation-group": [
+ "keys",
+ "signing"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:signing_keys",
+ "update:signing_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/signing/{kid}": {
+ "get": {
+ "summary": "Get an Application Signing Key by its key id",
+ "description": "Retrieve details of the application signing key with the given ID.",
+ "tags": [
+ "keys"
+ ],
+ "parameters": [
+ {
+ "name": "kid",
+ "in": "path",
+ "description": "Key id of the key to retrieve",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Key id of the key to retrieve"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The signing keys were retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetSigningKeysResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:signing_keys"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_signing_key",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "keys",
+ "signing"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:signing_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/keys/signing/{kid}/revoke": {
+ "put": {
+ "summary": "Revoke an Application Signing Key by its key id",
+ "description": "Revoke the application signing key with the given ID.",
+ "tags": [
+ "keys"
+ ],
+ "parameters": [
+ {
+ "name": "kid",
+ "in": "path",
+ "description": "Key id of the key to revoke",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Key id of the key to revoke"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Signing key revoked successfully.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/RevokedSigningKeysResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:signing_keys."
+ },
+ "404": {
+ "description": "Signing key not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_signing_keys",
+ "x-operation-name": "revoke",
+ "x-operation-group": [
+ "keys",
+ "signing"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:signing_keys"
+ ]
+ }
+ ]
+ }
+ },
+ "/log-streams": {
+ "get": {
+ "summary": "Get log streams",
+ "description": "Retrieve details on log streams.\n[{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"eventbridge\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"awsAccountId\": \"string\",\n\t\t\"awsRegion\": \"string\",\n\t\t\"awsPartnerEventSource\": \"string\"\n\t}\n}, {\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"httpContentFormat\": \"JSONLINES|JSONARRAY\",\n\t\t\"httpContentType\": \"string\",\n\t\t\"httpEndpoint\": \"string\",\n\t\t\"httpAuthorization\": \"string\"\n\t}\n},\n{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"eventgrid\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"azureSubscriptionId\": \"string\",\n\t\t\"azureResourceGroup\": \"string\",\n\t\t\"azureRegion\": \"string\",\n\t\t\"azurePartnerTopic\": \"string\"\n\t}\n},\n{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"splunk\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"splunkDomain\": \"string\",\n\t\t\"splunkToken\": \"string\",\n\t\t\"splunkPort\": \"string\",\n\t\t\"splunkSecure\": \"boolean\"\n\t}\n},\n{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"sumo\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"sumoSourceAddress\": \"string\",\n\t}\n},\n{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"datadog\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n\t}\n}]type of log stream being created determines the properties required in the sink payload.\nhttp Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"sink\": {\n\t\t\"httpEndpoint\": \"string\",\n\t\t\"httpContentType\": \"string\",\n\t\t\"httpContentFormat\": \"JSONLINES|JSONARRAY\",\n\t\t\"httpAuthorization\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"httpEndpoint\": \"string\",\n\t\t\"httpContentType\": \"string\",\n\t\t\"httpContentFormat\": \"JSONLINES|JSONARRAY\",\n\t\t\"httpAuthorization\": \"string\"\n\t}\n}eventbridge Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"eventbridge\",\n\t\"sink\": {\n\t\t\"awsRegion\": \"string\",\n\t\t\"awsAccountId\": \"string\"\n\t}\n}awsPartnerEventSource in the sink: {\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"eventbridge\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"awsAccountId\": \"string\",\n\t\t\"awsRegion\": \"string\",\n\t\t\"awsPartnerEventSource\": \"string\"\n\t}\n}Azure Event Grid Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"eventgrid\",\n\t\"sink\": {\n\t\t\"azureSubscriptionId\": \"string\",\n\t\t\"azureResourceGroup\": \"string\",\n\t\t\"azureRegion\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"azureSubscriptionId\": \"string\",\n\t\t\"azureResourceGroup\": \"string\",\n\t\t\"azureRegion\": \"string\",\n\t\t\"azurePartnerTopic\": \"string\"\n\t}\n}Datadog Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"datadog\",\n\t\"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"datadog\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n\t}\n}Splunk Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"splunk\",\n\t\"sink\": {\n\t\t\"splunkDomain\": \"string\",\n\t\t\"splunkToken\": \"string\",\n\t\t\"splunkPort\": \"string\",\n\t\t\"splunkSecure\": \"boolean\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"splunk\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"splunkDomain\": \"string\",\n\t\t\"splunkToken\": \"string\",\n\t\t\"splunkPort\": \"string\",\n\t\t\"splunkSecure\": \"boolean\"\n\t}\n}Sumo Logic Stream, the sink properties are listed in the payload below\nRequest: {\n\t\"name\": \"string\",\n\t\"type\": \"sumo\",\n\t\"sink\": {\n\t\t\"sumoSourceAddress\": \"string\",\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"sumo\",\n\t\"status\": \"active\",\n\t\"sink\": {\n\t\t\"sumoSourceAddress\": \"string\",\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"eventbridge\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"awsAccountId\": \"string\",\n\t\t\"awsRegion\": \"string\",\n\t\t\"awsPartnerEventSource\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"http\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"httpContentFormat\": \"JSONLINES|JSONARRAY\",\n\t\t\"httpContentType\": \"string\",\n\t\t\"httpEndpoint\": \"string\",\n\t\t\"httpAuthorization\": \"string\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"datadog\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n\t}\n\n}{\n\t \"name\": \"string\",\n\t \"type\": \"mixpanel\",\n\t \"sink\": {\n\t\t\"mixpanelRegion\": \"string\", // \"us\" | \"eu\",\n\t\t\"mixpanelProjectId\": \"string\",\n\t\t\"mixpanelServiceAccountUsername\": \"string\",\n\t\t\"mixpanelServiceAccountPassword\": \"string\"\n\t }\n\t} {\n\t\t\"id\": \"string\",\n\t\t\"name\": \"string\",\n\t\t\"type\": \"mixpanel\",\n\t\t\"status\": \"active\",\n\t\t\"sink\": {\n\t\t \"mixpanelRegion\": \"string\", // \"us\" | \"eu\",\n\t\t \"mixpanelProjectId\": \"string\",\n\t\t \"mixpanelServiceAccountUsername\": \"string\",\n\t\t \"mixpanelServiceAccountPassword\": \"string\" // the following is redacted on return\n\t\t}\n\t } {\n\t \"name\": \"string\",\n\t \"type\": \"segment\",\n\t \"sink\": {\n\t\t\"segmentWriteKey\": \"string\"\n\t }\n\t}{\n\t \"id\": \"string\",\n\t \"name\": \"string\",\n\t \"type\": \"segment\",\n\t \"status\": \"active\",\n\t \"sink\": {\n\t\t\"segmentWriteKey\": \"string\"\n\t }\n\t} {\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"splunk\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"splunkDomain\": \"string\",\n\t\t\"splunkToken\": \"string\",\n\t\t\"splunkPort\": \"string\",\n\t\t\"splunkSecure\": \"boolean\"\n\t}\n}{\n\t\"id\": \"string\",\n\t\"name\": \"string\",\n\t\"type\": \"sumo\",\n\t\"status\": \"active|paused|suspended\",\n\t\"sink\": {\n\t\t\"sumoSourceAddress\": \"string\",\n\t}\n}status of a log stream maybe any of the following:\n1. active - Stream is currently enabled.\n2. paused - Stream is currently user disabled and will not attempt log delivery.\n3. suspended - Stream is currently disabled because of errors and will not attempt log delivery.\n",
+ "tags": [
+ "log-streams"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the log stream to get",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the log stream to get"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Returning log stream.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetLogStreamResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:log_streams.",
+ "x-description-1": "The account is not allowed to perform this operation."
+ },
+ "404": {
+ "description": "The log stream does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_log-streams_by_id",
+ "x-operation-name": "get",
+ "x-operation-group": "logStreams",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:log_streams"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete log stream",
+ "description": "Delete a log stream.\n",
+ "tags": [
+ "log-streams"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the log stream to delete",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the log stream to delete"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "The log stream was deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected: delete:log_streams."
+ },
+ "404": {
+ "description": "The log stream does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_log-streams_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "logStreams",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:log_streams"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update a log stream",
+ "description": "Update a log stream.\neventbridge and eventgrid, updating the sink is not permitted.\n{\n\t\"status\": \"active|paused\"\n}{\n\t\"name\": \"string\"\n}http{\n \"sink\": {\n \"httpEndpoint\": \"string\",\n \"httpContentType\": \"string\",\n \"httpContentFormat\": \"JSONARRAY|JSONLINES\",\n \"httpAuthorization\": \"string\"\n }\n}datadog{\n \"sink\": {\n\t\t\"datadogRegion\": \"string\",\n\t\t\"datadogApiKey\": \"string\"\n }\n}splunk{\n \"sink\": {\n \"splunkDomain\": \"string\",\n \"splunkToken\": \"string\",\n \"splunkPort\": \"string\",\n \"splunkSecure\": \"boolean\"\n }\n}sumo{\n \"sink\": {\n \"sumoSourceAddress\": \"string\"\n }\n}q parameter, or search from a specific log ID (\"search from checkpoint\").\n\nFor more information on all possible event types, their respective acronyms, and descriptions, see Log Event Type Codes.\n\nfields and sort, see Searchable Fields.\n\nAuth0 limits the number of logs you can return by search criteria to 100 logs per request. Furthermore, you may paginate only through 1,000 search results. If you exceed this threshold, please redefine your search or use the get logs by checkpoint method.\n\ntake parameter. If you use from at the same time as q, from takes precedence and q is ignored.from parameter.from and take will be ignored, and date ordering is not guaranteed.\n",
+ "tags": [
+ "logs"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": " Number of results per page. Paging is disabled if parameter not sent. Default: 50. Max value: 100",
+ "schema": {
+ "type": "integer",
+ "description": " Number of results per page. Paging is disabled if parameter not sent. Default: 50. Max value: 100"
+ }
+ },
+ {
+ "name": "sort",
+ "in": "query",
+ "description": "Field to use for sorting appended with :1 for ascending and :-1 for descending. e.g. date:-1",
+ "schema": {
+ "type": "string",
+ "description": "Field to use for sorting appended with :1 for ascending and :-1 for descending. e.g. date:-1"
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false)",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)"
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results as an array when false (default). Return results inside an object that also contains a total result count when true.",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results as an array when false (default). Return results inside an object that also contains a total result count when true."
+ }
+ },
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Log Event Id from which to start selection from.",
+ "schema": {
+ "type": "string",
+ "description": "Log Event Id from which to start selection from."
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of entries to retrieve when using the from parameter. Default 50, max 100",
+ "schema": {
+ "type": "integer",
+ "description": "Number of entries to retrieve when using the from parameter. Default 50, max 100"
+ }
+ },
+ {
+ "name": "q",
+ "in": "query",
+ "description": "Query in Lucene query string syntax.",
+ "schema": {
+ "type": "string",
+ "description": "Query in Lucene query string syntax."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Logs successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListLogResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:logs, read:logs_users."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_logs",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListLogsRequestParameters",
+ "x-operation-group": "logs",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:logs",
+ "read:logs_users"
+ ]
+ }
+ ]
+ }
+ },
+ "/logs/{id}": {
+ "get": {
+ "summary": "Get a log event by id",
+ "description": "Retrieve an individual log event.",
+ "tags": [
+ "logs"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "log_id of the log to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "log_id of the log to retrieve."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Log successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetLogResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:logs, read:logs_users."
+ },
+ "404": {
+ "description": "Log not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_logs_by_id",
+ "x-operation-name": "get",
+ "x-operation-group": "logs",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:logs",
+ "read:logs_users"
+ ]
+ }
+ ]
+ }
+ },
+ "/network-acls": {
+ "get": {
+ "summary": "Get all access control list entries for a tenant",
+ "description": "Get all access control list entries for your client.",
+ "tags": [
+ "network-acls"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Use this field to request a specific page of the list results.",
+ "schema": {
+ "type": "integer",
+ "description": "Use this field to request a specific page of the list results."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "The amount of results per page.",
+ "schema": {
+ "type": "integer",
+ "description": "The amount of results per page."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Network access control list successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListNetworkAclsResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:network_acls."
+ },
+ "404": {
+ "description": "Network access control list not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_network-acls",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListNetworkAclsRequestParameters",
+ "x-operation-group": "networkAcls",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:network_acls"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create Access Control List",
+ "description": "Create a new access control list for your client.",
+ "tags": [
+ "network-acls"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateNetworkAclRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateNetworkAclRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Network ACL successfully created."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Entitlement is not enabled for this tenant. Please upgrade your subscription to enable Tenant ACL Management.",
+ "x-description-1": "Tenant ACL Management is not enabled for this tenant.",
+ "x-description-0": "Insufficient scope; expected any of: create:network_acls."
+ },
+ "409": {
+ "description": "A Network ACL with this priority number has already been created."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ },
+ "500": {
+ "description": "There was an error retrieving Networks ACLs subscription settings."
+ }
+ },
+ "operationId": "post_network-acls",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "create",
+ "x-operation-group": "networkAcls",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:network_acls"
+ ]
+ }
+ ]
+ }
+ },
+ "/network-acls/{id}": {
+ "get": {
+ "summary": "Get a specific access control list entry for a tenant",
+ "description": "Get a specific access control list entry for your client.",
+ "tags": [
+ "network-acls"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the access control list to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the access control list to retrieve."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Network access control list successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetNetworkAclsResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:network_acls."
+ },
+ "404": {
+ "description": "Network access control list not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_network-acls_by_id",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "get",
+ "x-operation-group": "networkAcls",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:network_acls"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete Access Control List",
+ "description": "Delete existing access control list for your client.",
+ "tags": [
+ "network-acls"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the ACL to delete",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the ACL to delete"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Network ACL successfully deleted"
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Tenant ACL Management is not enabled for this tenant.",
+ "x-description-1": "Insufficient scope; expected any of: delete:network_acls."
+ },
+ "404": {
+ "description": "This ACL does not exist"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_network-acls_by_id",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "delete",
+ "x-operation-group": "networkAcls",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:network_acls"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Partial Update for an Access Control List",
+ "description": "Update existing access control list for your client.",
+ "tags": [
+ "network-acls"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the ACL to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the ACL to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateNetworkAclRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateNetworkAclRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Network ACL properties successfully updated",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateNetworkAclResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:network_acls."
+ },
+ "404": {
+ "description": "Network ACL not found and cannot be updated"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_network-acls_by_id",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "update",
+ "x-operation-group": "networkAcls",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:network_acls"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Update Access Control List",
+ "description": "Update existing access control list for your client.",
+ "tags": [
+ "network-acls"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the ACL to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the ACL to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetNetworkAclRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/SetNetworkAclRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Network ACL properties successfully updated",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetNetworkAclsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:network_acls."
+ },
+ "404": {
+ "description": "Network ACL not found and cannot be updated"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_network-acls_by_id",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "set",
+ "x-operation-group": "networkAcls",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:network_acls"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations": {
+ "get": {
+ "summary": "Get organizations",
+ "description": "Retrieve detailed list of all Organizations available in your tenant. For more information, see Auth0 Organizations.\n\nThis endpoint supports two types of pagination:\nfrom: Optional id from which to start selection.take: The total number of entries to retrieve when using the from parameter. Defaults to 50.from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional Id from which to start selection.",
+ "schema": {
+ "type": "string",
+ "description": "Optional Id from which to start selection."
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "sort",
+ "in": "query",
+ "description": "Field to sort by. Use field:order where order is 1 for ascending and -1 for descending. e.g. created_at:1. We currently support sorting by the following fields: name, display_name and created_at.",
+ "schema": {
+ "type": "string",
+ "description": "Field to sort by. Use field:order where order is 1 for ascending and -1 for descending. e.g. created_at:1. We currently support sorting by the following fields: name, display_name and created_at."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Organizations successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListOrganizationsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause.",
+ "x-description-1": "Invalid query string paging options. The message will vary depending on the cause"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organizations."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_organizations",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListOrganizationsRequestParameters",
+ "x-operation-group": "organizations",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organizations",
+ "read:organizations_summary"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create an Organization",
+ "description": "Create a new Organization within your tenant. To learn more about Organization settings, behavior, and configuration options, review Create Your First Organization.\n",
+ "tags": [
+ "organizations"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Organization successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:organizations."
+ },
+ "409": {
+ "description": "An organization with this name already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_organizations",
+ "x-operation-name": "create",
+ "x-operation-group": "organizations",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:organizations",
+ "create:organization_connections"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/name/{name}": {
+ "get": {
+ "summary": "Get organization by name",
+ "description": "Retrieve details about a single Organization specified by name.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "name",
+ "in": "path",
+ "description": "name of the organization to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "name of the organization to retrieve."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Organization successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetOrganizationByNameResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organizations."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_name_by_name",
+ "x-operation-name": "getByName",
+ "x-operation-group": "organizations",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organizations"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}": {
+ "get": {
+ "summary": "Get organization",
+ "description": "Retrieve details about a single Organization specified by ID. \n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the organization to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the organization to retrieve."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Organization successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetOrganizationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organizations."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_organizations_by_id",
+ "x-operation-name": "get",
+ "x-operation-group": "organizations",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organizations",
+ "read:organizations_summary"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete organization",
+ "description": "Remove an Organization from your tenant. This action cannot be undone. \n\nNote: Members are automatically disassociated from an Organization when it is deleted. However, this action does not delete these users from your tenant.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "The organization was deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:organizations."
+ },
+ "404": {
+ "description": "The organization does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_organizations_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "organizations",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:organizations"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Modify an Organization",
+ "description": "Update the details of a specific Organization, such as name and display name, branding options, and metadata.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the organization to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the organization to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Organization successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:organizations."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_organizations_by_id",
+ "x-operation-name": "update",
+ "x-operation-group": "organizations",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:organizations"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}/client-grants": {
+ "get": {
+ "summary": "Get client grants associated to an organization",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "audience",
+ "in": "query",
+ "description": "Optional filter on audience of the client grant.",
+ "schema": {
+ "type": "string",
+ "description": "Optional filter on audience of the client grant."
+ }
+ },
+ {
+ "name": "client_id",
+ "in": "query",
+ "description": "Optional filter on client_id of the client grant.",
+ "schema": {
+ "type": "string",
+ "description": "Optional filter on client_id of the client grant."
+ }
+ },
+ {
+ "name": "grant_ids",
+ "in": "query",
+ "description": "Optional filter on the ID of the client grant. Must be URL encoded and may be specified multiple times (max 10).status field must be either pending or verified.",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the organization.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the organization."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationDiscoveryDomainRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationDiscoveryDomainRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Organization discovery domain successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationDiscoveryDomainResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:organization_discovery_domains."
+ },
+ "404": {
+ "description": "Organization not found."
+ },
+ "409": {
+ "description": "An organization discovery domain with this domain is already registered to this organization."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_discovery-domains",
+ "x-release-lifecycle": "GA",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "organizations",
+ "discoveryDomains"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:organization_discovery_domains"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}/discovery-domains/{discovery_domain_id}": {
+ "get": {
+ "summary": "Retrieve an organization discovery domain by ID",
+ "description": "Retrieve details about a single organization discovery domain specified by ID. \n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the organization.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the organization."
+ }
+ },
+ {
+ "name": "discovery_domain_id",
+ "in": "path",
+ "description": "ID of the discovery domain.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the discovery domain."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Organization discovery domain successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetOrganizationDiscoveryDomainResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organization_discovery_domains."
+ },
+ "404": {
+ "description": "Organization not found.",
+ "x-description-1": "Organization discovery domain not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_discovery-domains_by_discovery_domain_id",
+ "x-release-lifecycle": "GA",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "organizations",
+ "discoveryDomains"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organization_discovery_domains"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete an organization discovery domain",
+ "description": "Remove a discovery domain from an organization. This action cannot be undone. ",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the organization.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the organization."
+ }
+ },
+ {
+ "name": "discovery_domain_id",
+ "in": "path",
+ "description": "ID of the discovery domain.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the discovery domain."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Organization discovery domain successfully deleted."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:organization_discovery_domains."
+ },
+ "404": {
+ "description": "Organization not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_discovery-domains_by_discovery_domain_id",
+ "x-release-lifecycle": "GA",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "organizations",
+ "discoveryDomains"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:organization_discovery_domains"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update an organization discovery domain",
+ "description": "Update the verification status for an organization discovery domain. The status field must be either pending or verified.",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the organization.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the organization."
+ }
+ },
+ {
+ "name": "discovery_domain_id",
+ "in": "path",
+ "description": "ID of the discovery domain to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the discovery domain to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationDiscoveryDomainRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationDiscoveryDomainRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Organization discovery domain successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationDiscoveryDomainResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid Request Body."
+ },
+ "404": {
+ "description": "Organization not found.",
+ "x-description-1": "Organization discovery domain not found."
+ }
+ },
+ "operationId": "patch_discovery-domains_by_discovery_domain_id",
+ "x-release-lifecycle": "GA",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "organizations",
+ "discoveryDomains"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:organization_discovery_domains"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}/enabled_connections": {
+ "get": {
+ "summary": "Get connections enabled for an organization",
+ "description": "Retrieve details about a specific connection currently enabled for an Organization. Information returned includes details such as connection ID, name, strategy, and whether the connection automatically grants membership upon login.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Connections successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListOrganizationConnectionsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organization_connections."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_enabled_connections",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListOrganizationConnectionsRequestParameters",
+ "x-operation-group": [
+ "organizations",
+ "enabledConnections"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organization_connections"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Add connections to an organization",
+ "description": "Enable a specific connection for a given Organization. To enable a connection, it must already exist within your tenant; connections cannot be created through this action.\n\nConnections represent the relationship between Auth0 and a source of users. Available types of connections include database, enterprise, and social.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/AddOrganizationConnectionRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/AddOrganizationConnectionRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Organization connection successfully added.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/AddOrganizationConnectionResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:organization_connections."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_enabled_connections",
+ "x-operation-name": "add",
+ "x-operation-group": [
+ "organizations",
+ "enabledConnections"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:organization_connections"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}/enabled_connections/{connectionId}": {
+ "get": {
+ "summary": "Get an enabled connection for an organization",
+ "description": "Retrieve details about a specific connection currently enabled for an Organization. Information returned includes details such as connection ID, name, strategy, and whether the connection automatically grants membership upon login.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "connectionId",
+ "in": "path",
+ "description": "Connection identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Connection identifier."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Connection successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetOrganizationConnectionResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organization_connections."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_enabled_connections_by_connectionId",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "organizations",
+ "enabledConnections"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organization_connections"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete connections from an organization",
+ "description": "Disable a specific connection for an Organization. Once disabled, Organization members can no longer use that connection to authenticate. \n\nNote: This action does not remove the connection from your tenant.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "connectionId",
+ "in": "path",
+ "description": "Connection identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Connection identifier."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Connection successfully removed from organization."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:organization_connections."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_enabled_connections_by_connectionId",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "organizations",
+ "enabledConnections"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:organization_connections"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update the Connection of an Organization",
+ "description": "Modify the details of a specific connection currently enabled for an Organization.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "connectionId",
+ "in": "path",
+ "description": "Connection identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Connection identifier."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationConnectionRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationConnectionRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Organization connection successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateOrganizationConnectionResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:organization_connections."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_enabled_connections_by_connectionId",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "organizations",
+ "enabledConnections"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:organization_connections"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}/invitations": {
+ "get": {
+ "summary": "Get invitations to an organization",
+ "description": "Retrieve a detailed list of invitations sent to users for a specific Organization. The list includes details such as inviter and invitee information, invitation URLs, and dates of creation and expiration. To learn more about Organization invitations, review Invite Organization Members. \n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "When true, return results inside an object that also contains the start and limit. When false (default), a direct array of results is returned. We do not yet support returning the total invitations count.",
+ "schema": {
+ "type": "boolean",
+ "description": "When true, return results inside an object that also contains the start and limit. When false (default), a direct array of results is returned. We do not yet support returning the total invitations count."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false). Defaults to true.",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false). Defaults to true."
+ }
+ },
+ {
+ "name": "sort",
+ "in": "query",
+ "description": "Field to sort by. Use field:order where order is 1 for ascending and -1 for descending Defaults to created_at:-1.",
+ "schema": {
+ "type": "string",
+ "description": "Field to sort by. Use field:order where order is 1 for ascending and -1 for descending Defaults to created_at:-1."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Invitations successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListOrganizationInvitationsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Requesting page exceeds the allowed maximum of 1000 records",
+ "x-description-0": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Client is not global.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Invalid token."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organization_invitations."
+ },
+ "404": {
+ "description": "No organization found by that id."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_invitations",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListOrganizationInvitationsRequestParameters",
+ "x-operation-group": [
+ "organizations",
+ "invitations"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organization_invitations"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create invitations to an organization",
+ "description": "Create a user invitation for a specific Organization. Upon creation, the listed user receives an email inviting them to join the Organization. To learn more about Organization invitations, review Invite Organization Members. \n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationInvitationRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationInvitationRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Invitation successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationInvitationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "A default login route is required to generate the invitation url. For more information, see https://auth0.com/docs/universal-login/configure-default-login-routes",
+ "x-description-1": "One or more of the specified roles do not exist: rol_0000000000000001, rol_0000000000000002",
+ "x-description-2": "Passwordless connections are not supported.",
+ "x-description-3": "The specified client_id does not allow organizations.",
+ "x-description-4": "The specified client_id does not exist.",
+ "x-description-5": "The specified connection (con_0000000000000001) is not enabled for the organization",
+ "x-description-6": "The specified connection does not exist.",
+ "x-description-0": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Client is not global.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Invalid token."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:organization_invitations."
+ },
+ "404": {
+ "description": "No organization found by that id."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_invitations",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "organizations",
+ "invitations"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:organization_invitations"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}/invitations/{invitation_id}": {
+ "get": {
+ "summary": "Get a specific invitation to an Organization",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "invitation_id",
+ "in": "path",
+ "description": "The id of the user invitation.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the user invitation."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false). Defaults to true.",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false). Defaults to true."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Invitation successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetOrganizationInvitationResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Client is not global.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Invalid token."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organization_invitations."
+ },
+ "404": {
+ "description": "No organization found by that id.",
+ "x-description-1": "The invitation does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_invitations_by_invitation_id",
+ "x-operation-name": "get",
+ "x-operation-request-parameters-name": "GetOrganizationInvitationRequestParameters",
+ "x-operation-group": [
+ "organizations",
+ "invitations"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organization_invitations"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete an invitation to an Organization",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "invitation_id",
+ "in": "path",
+ "description": "The id of the user invitation.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the user invitation."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Invitation successfully deleted."
+ },
+ "401": {
+ "description": "Client is not global.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Invalid token."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:organization_invitations."
+ },
+ "404": {
+ "description": "No organization found by that id."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_invitations_by_invitation_id",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "organizations",
+ "invitations"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:organization_invitations"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}/members": {
+ "get": {
+ "summary": "Get members who belong to an organization",
+ "description": "List organization members.\nThis endpoint is subject to eventual consistency. New users may not be immediately included in the response and deleted users may not be immediately removed from it.\n\nfields parameter to optionally define the specific member details retrieved. If fields is left blank, all fields (except roles) are returned.\n fields=roles to retrieve the roles assigned to each listed member. To use this parameter, you must include the read:organization_member_roles scope in the token.\n from parameter. If there are more results, a next value will be included in the response. You can use this for subsequent API calls. When next is no longer included in the response, this indicates there are no more pages remaining.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional Id from which to start selection.",
+ "schema": {
+ "type": "string",
+ "description": "Optional Id from which to start selection."
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Members successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListOrganizationMembersResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause.",
+ "x-description-1": "Invalid query string paging options. The message will vary depending on the cause"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organization_members, read:organization_member_roles."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_organization_members",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListOrganizationMembersRequestParameters",
+ "x-operation-group": [
+ "organizations",
+ "members"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organization_members"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete members from an organization",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/DeleteOrganizationMembersRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/DeleteOrganizationMembersRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "204": {
+ "description": "Users successfully removed from organization."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:organization_members."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_members",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "organizations",
+ "members"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:organization_members"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Add members to an organization",
+ "description": "Set one or more existing users as members of a specific Organization.\n\nTo add a user to an Organization through this action, the user must already exist in your tenant. If a user does not yet exist, you can invite them to create an account, manually create them through the Auth0 Dashboard, or use the Management API.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationMemberRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateOrganizationMemberRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "204": {
+ "description": "Members successfully added to organization."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:organization_members."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_members",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "organizations",
+ "members"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:organization_members"
+ ]
+ }
+ ]
+ }
+ },
+ "/organizations/{id}/members/{user_id}/roles": {
+ "get": {
+ "summary": "Get user roles assigned to an Organization member",
+ "description": "Retrieve detailed list of roles assigned to a given user within the context of a specific Organization. \n\nUsers can be members of multiple Organizations with unique roles assigned for each membership. This action only returns the roles associated with the specified Organization; any roles assigned to the user within other Organizations are not included.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "user_id",
+ "in": "path",
+ "description": "ID of the user to associate roles with.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the user to associate roles with."
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Roles successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListOrganizationMemberRolesResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause.",
+ "x-description-1": "Invalid query string paging options. The message will vary depending on the cause"
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:organization_member_roles."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_organization_member_roles",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListOrganizationMemberRolesRequestParameters",
+ "x-operation-group": [
+ "organizations",
+ "members",
+ "roles"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:organization_member_roles"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete user roles from an Organization member",
+ "description": "Remove one or more Organization-specific roles from a given user.\n\nUsers can be members of multiple Organizations with unique roles assigned for each membership. This action removes roles from a user in relation to the specified Organization. Roles assigned to the user within a different Organization cannot be managed in the same call.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "user_id",
+ "in": "path",
+ "description": "User ID of the organization member to remove roles from.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "User ID of the organization member to remove roles from."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/DeleteOrganizationMemberRolesRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/DeleteOrganizationMemberRolesRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "204": {
+ "description": "Roles successfully removed from organization member."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:organization_member_roles."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_organization_member_roles",
+ "x-operation-name": "delete",
+ "x-operation-group": [
+ "organizations",
+ "members",
+ "roles"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:organization_member_roles"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Assign user roles to an Organization member",
+ "description": "Assign one or more roles to a user to determine their access for a specific Organization.\n\nUsers can be members of multiple Organizations with unique roles assigned for each membership. This action assigns roles to a user only for the specified Organization. Roles cannot be assigned to a user across multiple Organizations in the same call.\n",
+ "tags": [
+ "organizations"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "Organization identifier.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Organization identifier."
+ }
+ },
+ {
+ "name": "user_id",
+ "in": "path",
+ "description": "ID of the user to associate roles with.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the user to associate roles with."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/AssignOrganizationMemberRolesRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/AssignOrganizationMemberRolesRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "204": {
+ "description": "Roles successfully associated with user."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:organization_member_roles."
+ },
+ "409": {
+ "description": "No more roles can be assigned to this organization member."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_organization_member_roles",
+ "x-operation-name": "assign",
+ "x-operation-group": [
+ "organizations",
+ "members",
+ "roles"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:organization_member_roles"
+ ]
+ }
+ ]
+ }
+ },
+ "/prompts": {
+ "get": {
+ "summary": "Get prompt settings",
+ "description": "Retrieve details of the Universal Login configuration of your tenant. This includes the Identifier First Authentication and WebAuthn with Device Biometrics for MFA features.",
+ "tags": [
+ "prompts"
+ ],
+ "responses": {
+ "200": {
+ "description": "Prompt settings successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetSettingsResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "The specified client cannot perform the requested operation.",
+ "x-description-1": "Insufficient scope; expected any of: read:prompts."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_prompts",
+ "x-operation-name": "getSettings",
+ "x-operation-group": "prompts",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:prompts"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update prompt settings",
+ "description": "Update the Universal Login configuration of your tenant. This includes the Identifier First Authentication and WebAuthn with Device Biometrics for MFA features.",
+ "tags": [
+ "prompts"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateSettingsRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateSettingsRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Prompts settings successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateSettingsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:prompts."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_prompts",
+ "x-operation-name": "updateSettings",
+ "x-operation-group": "prompts",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:prompts"
+ ]
+ }
+ ]
+ }
+ },
+ "/prompts/rendering": {
+ "get": {
+ "summary": "Get render setting configurations for all screens",
+ "description": "Get render setting configurations for all screens.",
+ "tags": [
+ "prompts"
+ ],
+ "parameters": [
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (default: true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (default: true) or excluded (false)."
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Maximum value is 100, default value is 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Maximum value is 100, default value is 50."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total configuration count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total configuration count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "prompt",
+ "in": "query",
+ "description": "Name of the prompt to filter by",
+ "schema": {
+ "type": "string",
+ "description": "Name of the prompt to filter by"
+ }
+ },
+ {
+ "name": "screen",
+ "in": "query",
+ "description": "Name of the screen to filter by",
+ "schema": {
+ "type": "string",
+ "description": "Name of the screen to filter by"
+ }
+ },
+ {
+ "name": "rendering_mode",
+ "in": "query",
+ "description": "Rendering mode to filter by",
+ "schema": {
+ "$ref": "#/components/schemas/AculRenderingModeEnum"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "ACUL settings successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListAculsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "402": {
+ "description": "A paid subscription is required to use Advanced Customizations."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:prompts.",
+ "x-description-1": "This tenant does not have Advanced Customizations enabled."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_all_rendering",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListAculsRequestParameters",
+ "x-operation-group": [
+ "prompts",
+ "rendering"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:prompts"
+ ]
+ }
+ ]
+ }
+ },
+ "/prompts/{prompt}/custom-text/{language}": {
+ "get": {
+ "summary": "Get custom text for a prompt",
+ "description": "Retrieve custom text for a specific prompt and language.",
+ "tags": [
+ "prompts"
+ ],
+ "parameters": [
+ {
+ "name": "prompt",
+ "in": "path",
+ "description": "Name of the prompt.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/PromptGroupNameEnum"
+ }
+ },
+ {
+ "name": "language",
+ "in": "path",
+ "description": "Language to update.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/PromptLanguageEnum"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Prompt dictionaries successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetCustomTextsByLanguageResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:prompts."
+ },
+ "404": {
+ "description": "The prompt does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_custom-text_by_language",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "prompts",
+ "customText"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:prompts"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Set custom text for a specific prompt",
+ "description": "Set custom text for a specific prompt. Existing texts will be overwritten.",
+ "tags": [
+ "prompts"
+ ],
+ "parameters": [
+ {
+ "name": "prompt",
+ "in": "path",
+ "description": "Name of the prompt.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/PromptGroupNameEnum"
+ }
+ },
+ {
+ "name": "language",
+ "in": "path",
+ "description": "Language to update.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/PromptLanguageEnum"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetsCustomTextsByLanguageRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/SetsCustomTextsByLanguageRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Prompt dictionaries successfully updated."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:prompts."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_custom-text_by_language",
+ "x-operation-name": "set",
+ "x-operation-group": [
+ "prompts",
+ "customText"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:prompts"
+ ]
+ }
+ ]
+ }
+ },
+ "/prompts/{prompt}/partials": {
+ "get": {
+ "summary": "Get partials for a prompt",
+ "description": "Get template partials for a prompt",
+ "tags": [
+ "prompts"
+ ],
+ "parameters": [
+ {
+ "name": "prompt",
+ "in": "path",
+ "description": "Name of the prompt.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/PartialGroupsEnum"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Prompt partials successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetPartialsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:prompts.",
+ "x-description-1": "Permission Denied. This feature is not available on this plan."
+ },
+ "404": {
+ "description": "The prompt does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_partials",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "prompts",
+ "partials"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:prompts"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Set partials for a prompt",
+ "description": "Set template partials for a prompt",
+ "tags": [
+ "prompts"
+ ],
+ "parameters": [
+ {
+ "name": "prompt",
+ "in": "path",
+ "description": "Name of the prompt.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/PartialGroupsEnum"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetPartialsRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/SetPartialsRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Template partials successfully updated."
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:prompts.",
+ "x-description-1": "Permission Denied. This feature is not available on this plan."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_partials",
+ "x-operation-name": "set",
+ "x-operation-group": [
+ "prompts",
+ "partials"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:prompts"
+ ]
+ }
+ ]
+ }
+ },
+ "/prompts/{prompt}/screen/{screen}/rendering": {
+ "get": {
+ "summary": "Get render settings for a screen",
+ "description": "Get render settings for a screen.",
+ "tags": [
+ "prompts"
+ ],
+ "parameters": [
+ {
+ "name": "prompt",
+ "in": "path",
+ "description": "Name of the prompt",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/PromptGroupNameEnum"
+ }
+ },
+ {
+ "name": "screen",
+ "in": "path",
+ "description": "Name of the screen",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/ScreenGroupNameEnum"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "ACUL settings successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetAculResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "402": {
+ "description": "A paid subscription is required to use Advanced Customizations."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:prompts.",
+ "x-description-1": "This tenant does not have Advanced Customizations enabled.",
+ "x-description-2": "This screen is not available in Advanced Customizations"
+ },
+ "404": {
+ "description": "The prompt does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_rendering",
+ "x-operation-name": "get",
+ "x-operation-group": [
+ "prompts",
+ "rendering"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:prompts"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update render settings for a screen",
+ "description": "Learn more about configuring render settings for advanced customization.\n\n\n Example head_tags array. See our documentation on using Liquid variables within head tags.\n
{\n \"head_tags\": [\n {\n \"tag\": \"script\",\n \"attributes\": {\n \"defer\": true,\n \"src\": \"URL_TO_ASSET\",\n \"async\": true,\n \"integrity\": [\n \"ASSET_SHA\"\n ]\n }\n },\n {\n \"tag\": \"link\",\n \"attributes\": {\n \"href\": \"URL_TO_ASSET\",\n \"rel\": \"stylesheet\"\n }\n }\n ]\n}\n\n",
+ "tags": [
+ "prompts"
+ ],
+ "parameters": [
+ {
+ "name": "prompt",
+ "in": "path",
+ "description": "Name of the prompt",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/PromptGroupNameEnum"
+ }
+ },
+ {
+ "name": "screen",
+ "in": "path",
+ "description": "Name of the screen",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/ScreenGroupNameEnum"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateAculRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateAculRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "ACUL settings successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateAculResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "402": {
+ "description": "A paid subscription is required to use Advanced Customizations."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:prompts.",
+ "x-description-1": "This tenant does not have Advanced Customizations enabled.",
+ "x-description-2": "This screen is not available in Advanced Customizations"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_rendering",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "prompts",
+ "rendering"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:prompts"
+ ]
+ }
+ ]
+ }
+ },
+ "/refresh-tokens/{id}": {
+ "get": {
+ "summary": "Get a refresh token",
+ "description": "Retrieve refresh token information.",
+ "tags": [
+ "refresh-tokens"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID refresh token to retrieve",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID refresh token to retrieve"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The refresh token was retrieved",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetRefreshTokenResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected: read:refresh_tokens"
+ },
+ "404": {
+ "description": "The refresh token does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_refresh_token",
+ "x-operation-name": "get",
+ "x-operation-group": "refreshTokens",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:refresh_tokens"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a refresh tokens",
+ "description": "Delete a refresh token by its ID.",
+ "tags": [
+ "refresh-tokens"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the refresh token to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the refresh token to delete."
+ }
+ }
+ ],
+ "responses": {
+ "202": {
+ "description": "Refresh token deletion request accepted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: delete:refresh_tokens"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_refresh_token",
+ "x-operation-name": "delete",
+ "x-operation-group": "refreshTokens",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:refresh_tokens"
+ ]
+ }
+ ]
+ }
+ },
+ "/resource-servers": {
+ "get": {
+ "summary": "Get resource servers",
+ "description": "Retrieve details of all APIs associated with your tenant.",
+ "tags": [
+ "resource-servers"
+ ],
+ "parameters": [
+ {
+ "name": "identifiers",
+ "in": "query",
+ "description": "An optional filter on the resource server identifier. Must be URL encoded and may be specified multiple times (max 10).from: Optional id from which to start selection.take: The total amount of entries to retrieve when using the from parameter. Defaults to 50.from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining.\n",
+ "tags": [
+ "roles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the role to retrieve a list of users associated with.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the role to retrieve a list of users associated with."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional Id from which to start selection.",
+ "schema": {
+ "type": "string",
+ "description": "Optional Id from which to start selection."
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Role users successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListRoleUsersResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected all of: read:users, read:roles."
+ },
+ "404": {
+ "description": "Role not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_role_user",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListRoleUsersRequestParameters",
+ "x-operation-group": [
+ "roles",
+ "users"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:users",
+ "read:roles",
+ "read:role_members"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Assign users to a role",
+ "description": "Assign one or more users to an existing user role. To learn more, review Role-Based Access Control.\n\nNote: New roles cannot be created through this action.\n",
+ "tags": [
+ "roles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the role to assign users to.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the role to assign users to."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/AssignRoleUsersRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/AssignRoleUsersRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Role users successfully updated."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: update:roles."
+ },
+ "404": {
+ "description": "Role not found.",
+ "x-description-1": "One or more of the users do not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_role_users",
+ "x-operation-name": "assign",
+ "x-operation-group": [
+ "roles",
+ "users"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:roles",
+ "create:role_members"
+ ]
+ }
+ ]
+ }
+ },
+ "/rules": {
+ "get": {
+ "summary": "Get rules",
+ "description": "Retrieve a filtered list of rules. Accepts a list of fields to include or exclude.\n",
+ "tags": [
+ "rules"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "enabled",
+ "in": "query",
+ "description": "Optional filter on whether a rule is enabled (true) or disabled (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Optional filter on whether a rule is enabled (true) or disabled (false)."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Rules successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListRulesResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:rules."
+ },
+ "404": {
+ "description": "Rule not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_rules",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListRulesRequestParameters",
+ "x-operation-group": "rules",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:rules"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a rule",
+ "description": "Create a new rule.\n\nNote: Changing a rule's stage of execution from the default login_success can change the rule's function signature to have user omitted.\n",
+ "tags": [
+ "rules"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateRuleRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateRuleRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Rule successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateRuleResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:rules.",
+ "x-description-1": "You reached the limit of entities of this type for this tenant."
+ },
+ "409": {
+ "description": "A rule with the same name already exists.",
+ "x-description-1": "A rule with the same order already exists.",
+ "x-description-2": "A rule with the same execution stage already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_rules",
+ "x-operation-name": "create",
+ "x-operation-group": "rules",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:rules"
+ ]
+ }
+ ]
+ }
+ },
+ "/rules-configs": {
+ "get": {
+ "summary": "Retrieve config variable keys for rules (get_rules-configs)",
+ "description": "Retrieve rules config variable keys.\n\n Note: For security, config variable values cannot be retrieved outside rule execution.",
+ "tags": [
+ "rules-configs"
+ ],
+ "responses": {
+ "200": {
+ "description": "Rules config keys successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/RulesConfig"
+ }
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:rules_configs."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_rules-configs",
+ "x-operation-name": "list",
+ "x-operation-group": "rulesConfigs",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:rules_configs"
+ ]
+ }
+ ]
+ }
+ },
+ "/rules-configs/{key}": {
+ "delete": {
+ "summary": "Delete rules config for a given key",
+ "description": "Delete a rules config variable identified by its key.",
+ "tags": [
+ "rules-configs"
+ ],
+ "parameters": [
+ {
+ "name": "key",
+ "in": "path",
+ "description": "Key of the rules config variable to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Key of the rules config variable to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Rules config variable successfully removed."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:rules_configs."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_rules-configs_by_key",
+ "x-operation-name": "delete",
+ "x-operation-group": "rulesConfigs",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:rules_configs"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Set rules config for a given key",
+ "description": "Sets a rules config variable.",
+ "tags": [
+ "rules-configs"
+ ],
+ "parameters": [
+ {
+ "name": "key",
+ "in": "path",
+ "description": "Key of the rules config variable to set (max length: 127 characters).",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Key of the rules config variable to set (max length: 127 characters)."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetRulesConfigRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/SetRulesConfigRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Rules config variable successfully set.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetRulesConfigResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:rules_configs."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_rules-configs_by_key",
+ "x-operation-name": "set",
+ "x-operation-group": "rulesConfigs",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:rules_configs"
+ ]
+ }
+ ]
+ }
+ },
+ "/rules/{id}": {
+ "get": {
+ "summary": "Get a rule",
+ "description": "Retrieve rule details. Accepts a list of fields to include or exclude in the result.\n",
+ "tags": [
+ "rules"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the rule to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the rule to retrieve."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Rule successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetRuleResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:rules."
+ },
+ "404": {
+ "description": "Rule not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_rules_by_id",
+ "x-operation-name": "get",
+ "x-operation-request-parameters-name": "GetRuleRequestParameters",
+ "x-operation-group": "rules",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:rules"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a rule",
+ "description": "Delete a rule.\n",
+ "tags": [
+ "rules"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the rule to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the rule to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Rule successfully deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:rules."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_rules_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "rules",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:rules"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update a rule",
+ "description": "Update an existing rule.\n",
+ "tags": [
+ "rules"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the rule to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the rule to retrieve."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateRuleRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateRuleRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Rule successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateRuleResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:rules."
+ },
+ "404": {
+ "description": "Rule not found."
+ },
+ "409": {
+ "description": "A rule with the same name already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_rules_by_id",
+ "x-operation-name": "update",
+ "x-operation-group": "rules",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:rules"
+ ]
+ }
+ ]
+ }
+ },
+ "/self-service-profiles": {
+ "get": {
+ "summary": "Get self-service profiles",
+ "description": "Retrieves self-service profiles.\n",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "List of existing profiles.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListSelfServiceProfilesResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected: read:self_service_profiles."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ },
+ "500": {
+ "description": "Internal error."
+ }
+ },
+ "operationId": "get_self-service-profiles",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListSelfServiceProfilesRequestParameters",
+ "x-operation-group": "selfServiceProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:self_service_profiles"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a self-service profile",
+ "description": "Creates a self-service profile.\n",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateSelfServiceProfileRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateSelfServiceProfileRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Self-service profile successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateSelfServiceProfileResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid Request Body."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected: create:self_service_profiles."
+ },
+ "409": {
+ "description": "No more profiles can be created for this tenant."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ },
+ "500": {
+ "description": "Internal error."
+ }
+ },
+ "operationId": "post_self-service-profiles",
+ "x-operation-name": "create",
+ "x-operation-group": "selfServiceProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:self_service_profiles"
+ ]
+ }
+ ]
+ }
+ },
+ "/self-service-profiles/{id}": {
+ "get": {
+ "summary": "Get a self-service profile by Id",
+ "description": "Retrieves a self-service profile by Id.",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the self-service profile to retrieve",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the self-service profile to retrieve"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Record for existing self-service profile.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetSelfServiceProfileResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid Request."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected: read:self_service_profiles."
+ },
+ "404": {
+ "description": "Self-service profile not found"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ },
+ "500": {
+ "description": "Internal error."
+ }
+ },
+ "operationId": "get_self-service-profiles_by_id",
+ "x-operation-name": "get",
+ "x-operation-group": "selfServiceProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:self_service_profiles"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a self-service profile by Id",
+ "description": "Deletes a self-service profile by Id.",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the self-service profile to delete",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the self-service profile to delete"
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Self-service profile successfully deleted."
+ },
+ "400": {
+ "description": "Invalid Request."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected: delete:self_service_profiles."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ },
+ "500": {
+ "description": "Internal error."
+ }
+ },
+ "operationId": "delete_self-service-profiles_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "selfServiceProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:self_service_profiles"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update a self-service profile",
+ "description": "Updates a self-service profile.",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the self-service profile to update",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the self-service profile to update"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateSelfServiceProfileRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateSelfServiceProfileRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Self-service profile successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateSelfServiceProfileResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid Request."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected: update:self_service_profiles."
+ },
+ "404": {
+ "description": "Self-service profile not found"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ },
+ "500": {
+ "description": "Internal error."
+ }
+ },
+ "operationId": "patch_self-service-profiles_by_id",
+ "x-operation-name": "update",
+ "x-operation-group": "selfServiceProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:self_service_profiles"
+ ]
+ }
+ ]
+ }
+ },
+ "/self-service-profiles/{id}/custom-text/{language}/{page}": {
+ "get": {
+ "summary": "Get custom text for a self-service profile",
+ "description": "Retrieves text customizations for a given self-service profile, language and Self Service SSO Flow page.\n",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the self-service profile.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the self-service profile."
+ }
+ },
+ {
+ "name": "language",
+ "in": "path",
+ "description": "The language of the custom text.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/SelfServiceProfileCustomTextLanguageEnum"
+ }
+ },
+ {
+ "name": "page",
+ "in": "path",
+ "description": "The page where the custom text is shown.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/SelfServiceProfileCustomTextPageEnum"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Retrieved custom text.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListSelfServiceProfileCustomTextResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:self_service_profile_custom_texts."
+ },
+ "404": {
+ "description": "Self-service profile not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_self_service_profile_custom_text",
+ "x-operation-name": "list",
+ "x-operation-group": [
+ "selfServiceProfiles",
+ "customText"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:self_service_profile_custom_texts"
+ ]
+ }
+ ]
+ },
+ "put": {
+ "summary": "Set custom text for a self-service profile",
+ "description": "Updates text customizations for a given self-service profile, language and Self Service SSO Flow page.\n",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the self-service profile.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the self-service profile."
+ }
+ },
+ {
+ "name": "language",
+ "in": "path",
+ "description": "The language of the custom text.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/SelfServiceProfileCustomTextLanguageEnum"
+ }
+ },
+ {
+ "name": "page",
+ "in": "path",
+ "description": "The page where the custom text is shown.",
+ "required": true,
+ "schema": {
+ "$ref": "#/components/schemas/SelfServiceProfileCustomTextPageEnum"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetSelfServiceProfileCustomTextRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/SetSelfServiceProfileCustomTextRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Updated custom text.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/SetSelfServiceProfileCustomTextResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:self_service_profile_custom_texts."
+ },
+ "404": {
+ "description": "Self-service profile not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "put_self_service_profile_custom_text",
+ "x-operation-name": "set",
+ "x-operation-group": [
+ "selfServiceProfiles",
+ "customText"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:self_service_profile_custom_texts"
+ ]
+ }
+ ]
+ }
+ },
+ "/self-service-profiles/{id}/sso-ticket": {
+ "post": {
+ "summary": "Create an SSO access ticket to initiate the Self Service SSO Flow",
+ "description": "Creates an SSO access ticket to initiate the Self Service SSO Flow using a self-service profile.\n",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the self-service profile to retrieve",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the self-service profile to retrieve"
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateSelfServiceProfileSsoTicketRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateSelfServiceProfileSsoTicketRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "SSO Access Ticket successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateSelfServiceProfileSsoTicketResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: create:sso_access_tickets."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_sso-ticket",
+ "x-operation-name": "create",
+ "x-operation-group": [
+ "selfServiceProfiles",
+ "ssoTicket"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:sso_access_tickets"
+ ]
+ }
+ ]
+ }
+ },
+ "/self-service-profiles/{profileId}/sso-ticket/{id}/revoke": {
+ "post": {
+ "summary": "Revoke an SSO access ticket",
+ "description": "Revokes an SSO access ticket and invalidates associated sessions. The ticket will no longer be accepted to initiate a Self-Service SSO session. If any users have already started a session through this ticket, their session will be terminated. Clients should expect a `202 Accepted` response upon successful processing, indicating that the request has been acknowledged and that the revocation is underway but may not be fully completed at the time of response. If the specified ticket does not exist, a `202 Accepted` response is also returned, signaling that no further action is required.\nClients should treat these `202` responses as an acknowledgment that the request has been accepted and is in progress, even if the ticket was not found.\n",
+ "tags": [
+ "self-service-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "profileId",
+ "in": "path",
+ "description": "The id of the self-service profile",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the self-service profile"
+ }
+ },
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The id of the ticket to revoke",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The id of the ticket to revoke"
+ }
+ }
+ ],
+ "responses": {
+ "202": {
+ "description": "SSO Access Ticket revocation request accepted."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:sso_access_tickets."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_revoke",
+ "x-operation-name": "revoke",
+ "x-operation-group": [
+ "selfServiceProfiles",
+ "ssoTicket"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:sso_access_tickets"
+ ]
+ }
+ ]
+ }
+ },
+ "/sessions/{id}": {
+ "get": {
+ "summary": "Get session",
+ "description": "Retrieve session information.",
+ "tags": [
+ "sessions"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of session to retrieve",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of session to retrieve"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "The session was retrieved",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetSessionResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation"
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:sessions"
+ },
+ "404": {
+ "description": "The session does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_session",
+ "x-operation-name": "get",
+ "x-operation-group": "sessions",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:sessions"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete session",
+ "description": "Delete a session by ID.",
+ "tags": [
+ "sessions"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the session to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the session to delete."
+ }
+ }
+ ],
+ "responses": {
+ "202": {
+ "description": "Session deletion request accepted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: delete:sessions"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_session",
+ "x-operation-name": "delete",
+ "x-operation-group": "sessions",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:sessions"
+ ]
+ }
+ ]
+ }
+ },
+ "/sessions/{id}/revoke": {
+ "post": {
+ "summary": "Revokes a session",
+ "description": "Revokes a session by ID and all associated refresh tokens.",
+ "tags": [
+ "sessions"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the session to revoke.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the session to revoke."
+ }
+ }
+ ],
+ "responses": {
+ "202": {
+ "description": "Session deletion request accepted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected: delete:sessions"
+ },
+ "404": {
+ "description": "The session does not exist."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "revoke_session",
+ "x-operation-name": "revoke",
+ "x-operation-group": "sessions",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:sessions",
+ "delete:refresh_tokens"
+ ]
+ }
+ ]
+ }
+ },
+ "/stats/active-users": {
+ "get": {
+ "summary": "Get active users count",
+ "description": "Retrieve the number of active users that logged in during the last 30 days.",
+ "tags": [
+ "stats"
+ ],
+ "responses": {
+ "200": {
+ "description": "Number of active users successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetActiveUsersCountStatsResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:stats."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_active-users",
+ "x-operation-name": "getActiveUsersCount",
+ "x-operation-group": "stats",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:stats"
+ ]
+ }
+ ]
+ }
+ },
+ "/stats/daily": {
+ "get": {
+ "summary": "Get daily stats",
+ "description": "Retrieve the number of logins, signups and breached-password detections (subscription required) that occurred each day within a specified date range.",
+ "tags": [
+ "stats"
+ ],
+ "parameters": [
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional first day of the date range (inclusive) in YYYYMMDD format.",
+ "schema": {
+ "type": "string",
+ "description": "Optional first day of the date range (inclusive) in YYYYMMDD format."
+ }
+ },
+ {
+ "name": "to",
+ "in": "query",
+ "description": "Optional last day of the date range (inclusive) in YYYYMMDD format.",
+ "schema": {
+ "type": "string",
+ "description": "Optional last day of the date range (inclusive) in YYYYMMDD format."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Daily stats successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/DailyStats"
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query. The message will vary depending on the cause.",
+ "x-description-1": "'from' date cannot be greater than 'to' date."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:stats."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_daily",
+ "x-operation-name": "getDaily",
+ "x-operation-request-parameters-name": "GetDailyStatsRequestParameters",
+ "x-operation-group": "stats",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:stats"
+ ]
+ }
+ ]
+ }
+ },
+ "/supplemental-signals": {
+ "get": {
+ "summary": "Get the supplemental signals configuration for a tenant",
+ "description": "Get the supplemental signals configuration for a tenant.",
+ "tags": [
+ "supplemental-signals"
+ ],
+ "responses": {
+ "200": {
+ "description": "Supplemental Signals configuration successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetSupplementalSignalsResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:attack_protection."
+ },
+ "404": {
+ "description": "Supplemental Signals configuration not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_supplemental-signals",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "get",
+ "x-operation-group": "supplementalSignals",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:attack_protection"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update the supplemental signals configuration for a tenant",
+ "description": "Update the supplemental signals configuration for a tenant.",
+ "tags": [
+ "supplemental-signals"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateSupplementalSignalsRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateSupplementalSignalsRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Supplemental Signals configuration successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/PatchSupplementalSignalsResponseContent"
+ }
+ }
+ }
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:attack_protection."
+ },
+ "404": {
+ "description": "Supplemental Signals configuration not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_supplemental-signals",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "patch",
+ "x-operation-group": "supplementalSignals",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:attack_protection"
+ ]
+ }
+ ]
+ }
+ },
+ "/tenants/settings": {
+ "get": {
+ "summary": "Get tenant settings",
+ "description": "Retrieve tenant settings. A list of fields to include or exclude may also be specified.",
+ "tags": [
+ "tenants"
+ ],
+ "parameters": [
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Tenant settings successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetTenantSettingsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "The specified client cannot perform the requested operation.",
+ "x-description-1": "Insufficient scope; expected any of: read:tenant_settings."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "tenant_settings_route",
+ "x-operation-name": "get",
+ "x-operation-request-parameters-name": "GetTenantSettingsRequestParameters",
+ "x-operation-group": [
+ "tenants",
+ "settings"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:tenant_settings"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update tenant settings",
+ "description": "Update settings for a tenant.",
+ "tags": [
+ "tenants"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateTenantSettingsRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateTenantSettingsRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Tenant settings successfully updated.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateTenantSettingsResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:tenant_settings."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_settings",
+ "x-operation-name": "update",
+ "x-operation-group": [
+ "tenants",
+ "settings"
+ ],
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:tenant_settings"
+ ]
+ }
+ ]
+ }
+ },
+ "/tickets/email-verification": {
+ "post": {
+ "summary": "Create an email verification ticket",
+ "description": "Create an email verification ticket for a given user. An email verification ticket is a generated URL that the user can consume to verify their email address.\n",
+ "tags": [
+ "tickets"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/VerifyEmailTicketRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/VerifyEmailTicketRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Ticket successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/VerifyEmailTicketResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "The user does not have an email address.",
+ "x-description-2": "The user's main connection does not support this operation.",
+ "x-description-3": "An error ocurred in Auth0's identity provider.",
+ "x-description-4": "The connection with id {connection_id} does not exist.",
+ "x-description-5": "The client does not exist",
+ "x-description-6": "The organization does not exist",
+ "x-description-7": "The user with id {user_id} is not a member of organization with id {organization_id}."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "User to be acted on does not match subject in bearer token.",
+ "x-description-1": "Insufficient scope; expected any of: create:user_tickets."
+ },
+ "404": {
+ "description": "User not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_email-verification",
+ "x-operation-name": "verifyEmail",
+ "x-operation-group": "tickets",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:user_tickets"
+ ]
+ }
+ ]
+ }
+ },
+ "/tickets/password-change": {
+ "post": {
+ "summary": "Create a password change ticket",
+ "description": "Create a password change ticket for a given user. A password change ticket is a generated URL that the user can consume to start a reset password flow.\n\nNote: This endpoint does not verify the given user’s identity. If you call this endpoint within your application, you must design your application to verify the user’s identity.\n",
+ "tags": [
+ "tickets"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ChangePasswordTicketRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/ChangePasswordTicketRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Ticket successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ChangePasswordTicketResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "The user does not have an email address.",
+ "x-description-2": "The user's main connection does not support this operation.",
+ "x-description-3": "An error ocurred in Auth0's identity provider.",
+ "x-description-4": "The connection with id {connection_id} does not exist.",
+ "x-description-5": "The client does not exist",
+ "x-description-6": "The organization does not exist",
+ "x-description-7": "The user with id {user_id} is not a member of organization with id {organization_id}."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "User to be acted on does not match subject in bearer token.",
+ "x-description-1": "Insufficient scope; expected any of: create:user_tickets."
+ },
+ "404": {
+ "description": "User not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_password-change",
+ "x-operation-name": "changePassword",
+ "x-operation-group": "tickets",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:user_tickets"
+ ]
+ }
+ ]
+ }
+ },
+ "/token-exchange-profiles": {
+ "get": {
+ "summary": "Get token exchange profiles",
+ "description": "Retrieve a list of all Token Exchange Profiles available in your tenant.\n\nThis endpoint supports Checkpoint pagination. To search by checkpoint, use the following parameters:\nfrom: Optional id from which to start selection.take: The total amount of entries to retrieve when using the from parameter. Defaults to 50.from parameter. If there are more results, a next value is included in the response. You can use this for subsequent API calls. When next is no longer included in the response, no pages are remaining.",
+ "tags": [
+ "token-exchange-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "from",
+ "in": "query",
+ "description": "Optional Id from which to start selection.",
+ "schema": {
+ "type": "string",
+ "description": "Optional Id from which to start selection."
+ }
+ },
+ {
+ "name": "take",
+ "in": "query",
+ "description": "Number of results per page. Defaults to 50.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page. Defaults to 50."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Token Exchange Profile successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListTokenExchangeProfileResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:token_exchange_profiles."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_token-exchange-profiles",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "list",
+ "x-operation-group": "tokenExchangeProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:token_exchange_profiles"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a token exchange profile",
+ "description": "Create a new Token Exchange Profile within your tenant.\n",
+ "tags": [
+ "token-exchange-profiles"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateTokenExchangeProfileRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateTokenExchangeProfileRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "Token exchange profile successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateTokenExchangeProfileResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Type field must be custom",
+ "x-description-1": "Action is not deployed",
+ "x-description-2": "Action must have supported_triggers: custom-token-exchange",
+ "x-description-3": "Action not found",
+ "x-description-0": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "You reached the limit of entities of this type for this tenant.",
+ "x-description-0": "Insufficient scope; expected any of: create:token_exchange_profiles."
+ },
+ "409": {
+ "description": "subject_token_type already exists for tenant"
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_token-exchange-profiles",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "create",
+ "x-operation-group": "tokenExchangeProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:token_exchange_profiles"
+ ]
+ }
+ ]
+ }
+ },
+ "/token-exchange-profiles/{id}": {
+ "get": {
+ "summary": "Get a token exchange profile",
+ "description": "Retrieve details about a single Token Exchange Profile specified by ID.\n",
+ "tags": [
+ "token-exchange-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the Token Exchange Profile to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the Token Exchange Profile to retrieve."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Token Exchange Profile successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetTokenExchangeProfileResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:token_exchange_profiles."
+ },
+ "404": {
+ "description": "Token Exchange Profile not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_token-exchange-profiles_by_id",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "get",
+ "x-operation-group": "tokenExchangeProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:token_exchange_profiles"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a token exchange profile",
+ "description": "Delete a Token Exchange Profile within your tenant.",
+ "tags": [
+ "token-exchange-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the Token Exchange Profile to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the Token Exchange Profile to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Token Exchange Profile successfully deleted."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: delete:token_exchange_profiles."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_token-exchange-profiles_by_id",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "delete",
+ "x-operation-group": "tokenExchangeProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:token_exchange_profiles"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update an existing token exchange profile",
+ "description": "Update a Token Exchange Profile within your tenant.\n",
+ "tags": [
+ "token-exchange-profiles"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the Token Exchange Profile to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the Token Exchange Profile to update."
+ }
+ }
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateTokenExchangeProfileRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/UpdateTokenExchangeProfileRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "description": "Token exchange profile successfully updated."
+ },
+ "400": {
+ "description": "subject_token_type already exists for tenant",
+ "x-description-1": "Unable to update field.",
+ "x-description-0": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Client is not global."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: update:token_exchange_profiles."
+ },
+ "404": {
+ "description": "Token exchange profile not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "patch_token-exchange-profiles_by_id",
+ "x-release-lifecycle": "EA",
+ "x-operation-name": "update",
+ "x-operation-group": "tokenExchangeProfiles",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:token_exchange_profiles"
+ ]
+ }
+ ]
+ }
+ },
+ "/user-blocks": {
+ "get": {
+ "summary": "Get blocks by identifier",
+ "description": "Retrieve details of all Brute-force Protection blocks for a user with the given identifier (username, phone number, or email).",
+ "tags": [
+ "user-blocks"
+ ],
+ "parameters": [
+ {
+ "name": "identifier",
+ "in": "query",
+ "description": "Should be any of a username, phone number, or email.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Should be any of a username, phone number, or email."
+ }
+ },
+ {
+ "name": "consider_brute_force_enablement",
+ "in": "query",
+ "description": "\n If true and Brute Force Protection is enabled and configured to block logins, will return a list of blocked IP addresses.\n If true and Brute Force Protection is disabled, will return an empty list.\n ",
+ "schema": {
+ "type": "boolean",
+ "description": "\n If true and Brute Force Protection is enabled and configured to block logins, will return a list of blocked IP addresses.\n If true and Brute Force Protection is disabled, will return an empty list.\n "
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "User successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListUserBlocksByIdentifierResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope; expected any of: read:users."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_user-blocks",
+ "x-operation-name": "listByIdentifier",
+ "x-operation-request-parameters-name": "ListUserBlocksByIdentifierRequestParameters",
+ "x-operation-group": "userBlocks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:users"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Unblock by identifier",
+ "description": "Remove all Brute-force Protection blocks for the user with the given identifier (username, phone number, or email).\n\nNote: This endpoint does not unblock users that were blocked by a tenant administrator.\n",
+ "tags": [
+ "user-blocks"
+ ],
+ "parameters": [
+ {
+ "name": "identifier",
+ "in": "query",
+ "description": "Should be any of a username, phone number, or email.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Should be any of a username, phone number, or email."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "User successfully unblocked."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Some fields cannot be read with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes.",
+ "x-description-1": "Insufficient scope; expected any of: update:users."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_user-blocks",
+ "x-operation-name": "deleteByIdentifier",
+ "x-operation-request-parameters-name": "DeleteUserBlocksByIdentifierRequestParameters",
+ "x-operation-group": "userBlocks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/user-blocks/{id}": {
+ "get": {
+ "summary": "Get a user's blocks",
+ "description": "Retrieve details of all Brute-force Protection blocks for the user with the given ID.\n",
+ "tags": [
+ "user-blocks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "user_id of the user blocks to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "user_id of the user blocks to retrieve."
+ }
+ },
+ {
+ "name": "consider_brute_force_enablement",
+ "in": "query",
+ "description": "\n If true and Brute Force Protection is enabled and configured to block logins, will return a list of blocked IP addresses.\n If true and Brute Force Protection is disabled, will return an empty list.\n ",
+ "schema": {
+ "type": "boolean",
+ "description": "\n If true and Brute Force Protection is enabled and configured to block logins, will return a list of blocked IP addresses.\n If true and Brute Force Protection is disabled, will return an empty list.\n "
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "User block successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListUserBlocksResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "User to be acted on does not match subject in bearer token.",
+ "x-description-1": "Insufficient scope; expected any of: read:users."
+ },
+ "404": {
+ "description": "User not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_user-blocks_by_id",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListUserBlocksRequestParameters",
+ "x-operation-group": "userBlocks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:users"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Unblock a user",
+ "description": "Remove all Brute-force Protection blocks for the user with the given ID.\n\nNote: This endpoint does not unblock users that were blocked by a tenant administrator.\n",
+ "tags": [
+ "user-blocks"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "The user_id of the user to update.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "The user_id of the user to update."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "User successfully unblocked."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request body. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "User to be acted on does not match subject in bearer token.",
+ "x-description-1": "Some fields cannot be read with the permissions granted by the bearer token scopes. The message will vary depending on the fields and the scopes.",
+ "x-description-2": "Insufficient scope; expected any of: update:users."
+ },
+ "404": {
+ "description": "User not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_user-blocks_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "userBlocks",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "update:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/users": {
+ "get": {
+ "summary": "List or Search Users",
+ "description": "Retrieve details of users. It is possible to:\n\n- Specify a search criteria for users\n- Sort the users to be returned\n- Select the fields to be returned\n- Specify the number of users to retrieve per page and the page index\n \nThe q query parameter can be used to get users that match the specified criteria using query string syntax.\n\nLearn more about searching for users.\n\nRead about best practices when working with the API endpoints for retrieving users.\n\nAuth0 limits the number of users you can return. If you exceed this threshold, please redefine your search, use the export job, or the User Import / Export extension.\n",
+ "tags": [
+ "users"
+ ],
+ "parameters": [
+ {
+ "name": "page",
+ "in": "query",
+ "description": "Page index of the results to return. First page is 0.",
+ "schema": {
+ "type": "integer",
+ "description": "Page index of the results to return. First page is 0."
+ }
+ },
+ {
+ "name": "per_page",
+ "in": "query",
+ "description": "Number of results per page.",
+ "schema": {
+ "type": "integer",
+ "description": "Number of results per page."
+ }
+ },
+ {
+ "name": "include_totals",
+ "in": "query",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).",
+ "schema": {
+ "type": "boolean",
+ "description": "Return results inside an object that contains the total result count (true) or as a direct array of results (false, default)."
+ }
+ },
+ {
+ "name": "sort",
+ "in": "query",
+ "description": "Field to sort by. Use field:order where order is 1 for ascending and -1 for descending. e.g. created_at:1",
+ "schema": {
+ "type": "string",
+ "description": "Field to sort by. Use field:order where order is 1 for ascending and -1 for descending. e.g. created_at:1"
+ }
+ },
+ {
+ "name": "connection",
+ "in": "query",
+ "description": "Connection filter. Only applies when using search_engine=v1. To filter by connection with search_engine=v2|v3, use q=identities.connection:\"connection_name\"",
+ "schema": {
+ "type": "string",
+ "description": "Connection filter. Only applies when using search_engine=v1. To filter by connection with search_engine=v2|v3, use q=identities.connection:\"connection_name\""
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)."
+ }
+ },
+ {
+ "name": "q",
+ "in": "query",
+ "description": "Query in Lucene query string syntax. Some query types cannot be used on metadata fields, for details see Searchable Fields.",
+ "schema": {
+ "type": "string",
+ "description": "Query in Lucene query string syntax. Some query types cannot be used on metadata fields, for details see Searchable Fields."
+ }
+ },
+ {
+ "name": "search_engine",
+ "in": "query",
+ "description": "The version of the search engine",
+ "schema": {
+ "$ref": "#/components/schemas/SearchEngineVersionsEnum"
+ }
+ },
+ {
+ "name": "primary_order",
+ "in": "query",
+ "description": "If true (default), results are returned in a deterministic order. If false, results may be returned in a non-deterministic order, which can enhance performance for complex queries targeting a small number of users. Set to false only when consistent ordering and pagination is not required.",
+ "schema": {
+ "type": "boolean",
+ "description": "If true (default), results are returned in a deterministic order. If false, results may be returned in a non-deterministic order, which can enhance performance for complex queries targeting a small number of users. Set to false only when consistent ordering and pagination is not required."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Users successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/ListUsersResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request query string. The message will vary depending on the cause.",
+ "x-description-1": "The 'q' parameter is available only if you specify 'search_engine=v2|v3'.",
+ "x-description-2": "You are not allowed to use search_engine=v1.",
+ "x-description-3": "You are not allowed to use search_engine=v2. Use search_engine=v3 instead.",
+ "x-description-4": "You are not allowed to use search_engine=v3.",
+ "x-description-5": "You can only page through the first 1000 records. See https://auth0.com/docs/users/search/v3/view-search-results-by-page#limitation."
+ },
+ "401": {
+ "description": "Client is not global.",
+ "x-description-1": "Invalid signature received for JSON Web Token validation.",
+ "x-description-2": "Invalid token."
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: read:users."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ },
+ "503": {
+ "description": "The query exceeded the timeout. Please try refining your search criteria. See https://auth0.com/docs/best-practices/search-best-practices."
+ }
+ },
+ "operationId": "get_users",
+ "x-operation-name": "list",
+ "x-operation-request-parameters-name": "ListUsersRequestParameters",
+ "x-operation-group": "users",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:users",
+ "read:user_idp_tokens"
+ ]
+ }
+ ]
+ },
+ "post": {
+ "summary": "Create a User",
+ "description": "Create a new user for a given database or passwordless connection.\n\nNote: connection is required but other parameters such as email and password are dependent upon the type of connection.",
+ "tags": [
+ "users"
+ ],
+ "requestBody": {
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateUserRequestContent"
+ }
+ },
+ "application/x-www-form-urlencoded": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateUserRequestContent"
+ }
+ }
+ }
+ },
+ "responses": {
+ "201": {
+ "description": "User successfully created.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/CreateUserResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request body. The message will vary depending on the cause.",
+ "x-description-1": "Connection does not support user creation through the API. It must either be a database or passwordless connection.",
+ "x-description-2": "Cannot set username for connection without requires_username.",
+ "x-description-3": "Connection does not exist.",
+ "x-description-4": "Connection is disabled."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "Insufficient scope, expected any of: create:users."
+ },
+ "409": {
+ "description": "User already exists."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "post_users",
+ "x-operation-name": "create",
+ "x-operation-group": "users",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "create:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/users-by-email": {
+ "get": {
+ "summary": "Search Users by Email",
+ "description": "Find users by email. If Auth0 is the identity provider (idP), the email address associated with a user is saved in lower case, regardless of how you initially provided it. \n\nFor example, if you register a user as JohnSmith@example.com, Auth0 saves the user's email as johnsmith@example.com. \n\nTherefore, when using this endpoint, make sure that you are searching for users via email addresses using the correct case.\n",
+ "tags": [
+ "users-by-email"
+ ],
+ "parameters": [
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false). Defaults to true.",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false). Defaults to true."
+ }
+ },
+ {
+ "name": "email",
+ "in": "query",
+ "description": "Email address to search for (case-sensitive).",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "Email address to search for (case-sensitive)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Users successfully searched.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/UserResponseSchema"
+ }
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "User to be acted on does not match subject in bearer token.",
+ "x-description-1": "Insufficient scope; expected any of: read:users."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_users-by-email",
+ "x-operation-name": "listUsersByEmail",
+ "x-operation-request-parameters-name": "ListUsersByEmailRequestParameters",
+ "x-operation-group": "users",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:users"
+ ]
+ }
+ ]
+ }
+ },
+ "/users/{id}": {
+ "get": {
+ "summary": "Get a User",
+ "description": "Retrieve user details. A list of fields to include or exclude may also be specified. For more information, see Retrieve Users with the Get Users Endpoint.\n",
+ "tags": [
+ "users"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the user to retrieve.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the user to retrieve."
+ }
+ },
+ {
+ "name": "fields",
+ "in": "query",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields.",
+ "schema": {
+ "type": "string",
+ "description": "Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields."
+ }
+ },
+ {
+ "name": "include_fields",
+ "in": "query",
+ "description": "Whether specified fields are to be included (true) or excluded (false).",
+ "schema": {
+ "type": "boolean",
+ "description": "Whether specified fields are to be included (true) or excluded (false)."
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "User successfully retrieved.",
+ "content": {
+ "application/json": {
+ "schema": {
+ "$ref": "#/components/schemas/GetUserResponseContent"
+ }
+ }
+ }
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause.",
+ "x-description-1": "Invalid request query string. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "User to be acted on does not match subject in bearer token.",
+ "x-description-1": "Insufficient scope; expected any of: read:users, read:user_idp_tokens, read:current_user."
+ },
+ "404": {
+ "description": "User not found."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "get_users_by_id",
+ "x-operation-name": "get",
+ "x-operation-request-parameters-name": "GetUserRequestParameters",
+ "x-operation-group": "users",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "read:users",
+ "read:current_user",
+ "read:user_idp_tokens"
+ ]
+ }
+ ]
+ },
+ "delete": {
+ "summary": "Delete a User",
+ "description": "Delete a user by user ID. This action cannot be undone. For Auth0 Dashboard instructions, see Delete Users.\n",
+ "tags": [
+ "users"
+ ],
+ "parameters": [
+ {
+ "name": "id",
+ "in": "path",
+ "description": "ID of the user to delete.",
+ "required": true,
+ "schema": {
+ "type": "string",
+ "description": "ID of the user to delete."
+ }
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "User successfully deleted."
+ },
+ "400": {
+ "description": "Invalid request URI. The message will vary depending on the cause."
+ },
+ "401": {
+ "description": "Invalid token.",
+ "x-description-1": "Client is not global.",
+ "x-description-2": "Invalid signature received for JSON Web Token validation."
+ },
+ "403": {
+ "description": "User to be acted on does not match subject in bearer token.",
+ "x-description-1": "Insufficient scope; expected any of: delete:users,delete:current_user."
+ },
+ "429": {
+ "description": "Too many requests. Check the X-RateLimit-Limit, X-RateLimit-Remaining and X-RateLimit-Reset headers."
+ }
+ },
+ "operationId": "delete_users_by_id",
+ "x-operation-name": "delete",
+ "x-operation-group": "users",
+ "security": [
+ {
+ "bearerAuth": []
+ },
+ {
+ "oAuth2ClientCredentials": [
+ "delete:users",
+ "delete:current_user"
+ ]
+ }
+ ]
+ },
+ "patch": {
+ "summary": "Update a User",
+ "description": "Update a user.\n\nThese are the attributes that can be updated at the root level:\n\nuser_metadata and app_metadata). These properties are merged instead of being replaced but be careful, the merge only occurs on the first level.email, email_verified, phone_number, phone_verified, username or password of a secondary identity, you need to specify the connection property too.email or phone_number you can specify, optionally, the client_id property.email_verified is not supported for enterprise and passwordless sms connections.blocked to false does not affect the user's blocked state from an excessive amount of incorrectly provided credentials. Use the \"Unblock a user\" endpoint from the \"User Blocks\" API to change the user's state.null as the value.{ \"email_verified\": true }user_metadata:\n{ \"user_metadata\" : { \"profileCode\": 1479 } }addresses the body to send should be:\n{ \"user_metadata\" : { \"addresses\": {\"work_address\": \"100 Industrial Way\"} }}user_metadata property:{\n \"user_metadata\": {\n \"profileCode\": 1479,\n \"addresses\": { \"work_address\": \"100 Industrial Way\" }\n }\n}\"home_address\": \"742 Evergreen Terrace\" (using the addresses property) we should send the whole addresses object. Since this is a first-level object, the object will be merged in, but its own properties will not be. The body to send should be:\n{\n \"user_metadata\": {\n \"addresses\": {\n \"work_address\": \"100 Industrial Way\",\n \"home_address\": \"742 Evergreen Terrace\"\n }\n }\n}user_metadata property:\n{\n \"user_metadata\": {\n \"profileCode\": 1479,\n \"addresses\": {\n \"work_address\": \"100 Industrial Way\",\n \"home_address\": \"742 Evergreen Terrace\"\n }\n }\n}update:current_user_identities scope:\n \n POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities\n Authorization: \"Bearer PRIMARY_ACCOUNT_JWT\"\n {\n \"link_with\": \"SECONDARY_ACCOUNT_JWT\"\n }\n \n In this case, only the link_with param is required in the body, which also contains the JWT obtained upon the secondary account's authentication.\n update:users scope:\n \n POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities\n Authorization: \"Bearer YOUR_API_V2_TOKEN\"\n {\n \"provider\": \"SECONDARY_ACCOUNT_PROVIDER\",\n \"connection_id\": \"SECONDARY_ACCOUNT_CONNECTION_ID(OPTIONAL)\",\n \"user_id\": \"SECONDARY_ACCOUNT_USER_ID\"\n }\n \n In this case you need to send provider and user_id in the body. Optionally you can also send the connection_id param which is suitable for identifying a particular database connection for the 'auth0' provider.\n null to unset, a solid color as a string value #FFFFFF, or a gradient as an object.\n\n\n{\n type: 'linear-gradient',\n start: '#FFFFFF',\n end: '#000000',\n angle_deg: 35\n}\nstandard, enhanced.",
+ "default": "standard",
+ "enum": [
+ "standard",
+ "enhanced"
+ ]
+ },
+ "BreachedPasswordDetectionPreChangePasswordShieldsEnum": {
+ "type": "string",
+ "enum": [
+ "block",
+ "admin_notification"
+ ]
+ },
+ "BreachedPasswordDetectionPreChangePasswordStage": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a breached password is detected during a password reset.\n Possible values: block, admin_notification.",
+ "items": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionPreChangePasswordShieldsEnum"
+ }
+ }
+ }
+ },
+ "BreachedPasswordDetectionPreUserRegistrationShieldsEnum": {
+ "type": "string",
+ "enum": [
+ "block",
+ "admin_notification"
+ ]
+ },
+ "BreachedPasswordDetectionPreUserRegistrationStage": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a breached password is detected during a signup.\n Possible values: block, admin_notification.",
+ "items": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionPreUserRegistrationShieldsEnum"
+ }
+ }
+ }
+ },
+ "BreachedPasswordDetectionShieldsEnum": {
+ "type": "string",
+ "enum": [
+ "block",
+ "user_notification",
+ "admin_notification"
+ ]
+ },
+ "BreachedPasswordDetectionStage": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "pre-user-registration": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionPreUserRegistrationStage"
+ },
+ "pre-change-password": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionPreChangePasswordStage"
+ }
+ }
+ },
+ "ChangePasswordTicketRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "result_url": {
+ "type": "string",
+ "description": "URL the user will be redirected to in the classic Universal Login experience once the ticket is used. Cannot be specified when using client_id or organization_id.",
+ "default": "http://myapp.com/callback",
+ "format": "url"
+ },
+ "user_id": {
+ "type": "string",
+ "description": "user_id of for whom the ticket should be created.",
+ "format": "user-id"
+ },
+ "client_id": {
+ "type": "string",
+ "description": "ID of the client (application). If provided for tenants using the New Universal Login experience, the email template and UI displays application details, and the user is prompted to redirect to the application's default login route after the ticket is used. client_id is required to use the Password Reset Post Challenge trigger.",
+ "default": "DaM8bokEXBWrTUFCiJjWn50jei6ardyX",
+ "format": "client-id"
+ },
+ "organization_id": {
+ "type": "string",
+ "description": "(Optional) Organization ID – the ID of the Organization. If provided, organization parameters will be made available to the email template and organization branding will be applied to the prompt. In addition, the redirect link in the prompt will include organization_id and organization_name query string parameters.",
+ "default": "org_2eondWoxcMIpaLQc",
+ "format": "organization-id"
+ },
+ "connection_id": {
+ "type": "string",
+ "description": "ID of the connection. If provided, allows the user to be specified using email instead of user_id. If you set this value, you must also send the email parameter. You cannot send user_id when specifying a connection_id.",
+ "default": "con_0000000000000001"
+ },
+ "email": {
+ "type": "string",
+ "description": "Email address of the user for whom the tickets should be created. Requires the connection_id parameter. Cannot be specified when using user_id.",
+ "format": "email"
+ },
+ "ttl_sec": {
+ "type": "integer",
+ "description": "Number of seconds for which the ticket is valid before expiration. If unspecified or set to 0, this value defaults to 432000 seconds (5 days)."
+ },
+ "mark_email_as_verified": {
+ "type": "boolean",
+ "description": "Whether to set the email_verified attribute to true (true) or whether it should not be updated (false).",
+ "default": false
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether to include the email address as part of the returnUrl in the reset_email (true), or not (false)."
+ }
+ }
+ },
+ "ChangePasswordTicketResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "ticket"
+ ],
+ "properties": {
+ "ticket": {
+ "type": "string",
+ "description": "URL representing the ticket.",
+ "default": "https://login.auth0.com/lo/reset?client_id=nsaPS2p3cargoFy82WT7betaOPOt3qSh&tenant=mdocs&bewit=bmNlR01CcDNOUE1GeXVzODJXVDdyY1RUT1BPdDNxU2hcMTQzMDY2MjE4MVxuRTcxM0RSeUNlbEpzUUJmaFVaS3A1NEdJbWFzSUZMYzRTdEFtY2NMMXhZPVx7ImVtYWloojoiZGFtaWtww2NoQGhvdG1haWwuY29tIiwidGVuYW50IjoiZHNjaGVua2tjwWFuIiwiY2xpZW50X2lkIjoibmNlR01CcDNOUE1GeXVzODJXVDdyY1RUT1BPiiqxU2giLCJjb25uZWN0aW9uIjoiRGFtaWmsdiwicmVzdWx0VXJsIjoiIn0",
+ "format": "url"
+ }
+ }
+ },
+ "Client": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "client_id": {
+ "type": "string",
+ "description": "ID of this client.",
+ "default": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"
+ },
+ "tenant": {
+ "type": "string",
+ "description": "Name of the tenant this client belongs to.",
+ "default": ""
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this client (min length: 1 character, does not allow `<` or `>`).",
+ "default": "My application"
+ },
+ "description": {
+ "type": "string",
+ "description": "Free text description of this client (max length: 140 characters).",
+ "default": ""
+ },
+ "global": {
+ "type": "boolean",
+ "description": "Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false).",
+ "default": false
+ },
+ "client_secret": {
+ "type": "string",
+ "description": "Client secret (which you must not make public).",
+ "default": "MG_TNT2ver-SylNat-_VeMmd-4m0Waba0jr1troztBniSChEw0glxEmgEi2Kw40H"
+ },
+ "app_type": {
+ "$ref": "#/components/schemas/ClientAppTypeEnum"
+ },
+ "logo_uri": {
+ "type": "string",
+ "description": "URL of the logo to display for this client. Recommended size is 150x150 pixels."
+ },
+ "is_first_party": {
+ "type": "boolean",
+ "description": "Whether this client a first party client (true) or not (false).",
+ "default": false
+ },
+ "oidc_conformant": {
+ "type": "boolean",
+ "description": "Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false).",
+ "default": false
+ },
+ "callbacks": {
+ "type": "array",
+ "description": "Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_origins": {
+ "type": "array",
+ "description": "Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "web_origins": {
+ "type": "array",
+ "description": "Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "client_aliases": {
+ "type": "array",
+ "description": "List of audiences/realms for SAML protocol. Used by the wsfed addon.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_clients": {
+ "type": "array",
+ "description": "List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "session_transfer": {
+ "$ref": "#/components/schemas/ClientSessionTransferConfiguration"
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSettings"
+ },
+ "grant_types": {
+ "type": "array",
+ "description": "List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "jwt_configuration": {
+ "$ref": "#/components/schemas/ClientJwtConfiguration"
+ },
+ "signing_keys": {
+ "$ref": "#/components/schemas/ClientSigningKeys"
+ },
+ "encryption_key": {
+ "$ref": "#/components/schemas/ClientEncryptionKey"
+ },
+ "sso": {
+ "type": "boolean",
+ "description": "Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false).",
+ "default": false
+ },
+ "sso_disabled": {
+ "type": "boolean",
+ "description": "Whether Single Sign On is disabled (true) or enabled (true). Defaults to true.",
+ "default": false
+ },
+ "cross_origin_authentication": {
+ "type": "boolean",
+ "description": "Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."
+ },
+ "cross_origin_loc": {
+ "type": "string",
+ "description": "URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page.",
+ "format": "url"
+ },
+ "custom_login_page_on": {
+ "type": "boolean",
+ "description": "Whether a custom login page is to be used (true) or the default provided login page (false).",
+ "default": true
+ },
+ "custom_login_page": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page.",
+ "default": ""
+ },
+ "custom_login_page_preview": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page. (Used on Previews)",
+ "default": ""
+ },
+ "form_template": {
+ "type": "string",
+ "description": "HTML form template to be used for WS-Federation.",
+ "default": ""
+ },
+ "addons": {
+ "$ref": "#/components/schemas/ClientAddons"
+ },
+ "token_endpoint_auth_method": {
+ "$ref": "#/components/schemas/ClientTokenEndpointAuthMethodEnum"
+ },
+ "client_metadata": {
+ "$ref": "#/components/schemas/ClientMetadata"
+ },
+ "mobile": {
+ "$ref": "#/components/schemas/ClientMobile"
+ },
+ "initiate_login_uri": {
+ "type": "string",
+ "description": "Initiate login uri, must be https",
+ "format": "absolute-https-uri-or-empty"
+ },
+ "native_social_login": {},
+ "refresh_token": {
+ "$ref": "#/components/schemas/ClientRefreshTokenConfiguration"
+ },
+ "default_organization": {
+ "$ref": "#/components/schemas/ClientDefaultOrganization"
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientOrganizationUsageEnum"
+ },
+ "organization_require_behavior": {
+ "$ref": "#/components/schemas/ClientOrganizationRequireBehaviorEnum"
+ },
+ "client_authentication_methods": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethod"
+ },
+ "require_pushed_authorization_requests": {
+ "type": "boolean",
+ "description": "Makes the use of Pushed Authorization Requests mandatory for this client",
+ "default": false
+ },
+ "require_proof_of_possession": {
+ "type": "boolean",
+ "description": "Makes the use of Proof-of-Possession mandatory for this client",
+ "default": false
+ },
+ "signed_request_object": {
+ "$ref": "#/components/schemas/ClientSignedRequestObjectWithCredentialId"
+ },
+ "compliance_level": {
+ "$ref": "#/components/schemas/ClientComplianceLevelEnum"
+ },
+ "par_request_expiry": {
+ "type": [
+ "integer",
+ "null"
+ ],
+ "description": "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/TokenQuota"
+ }
+ }
+ },
+ "ClientAddonAWS": {
+ "type": "object",
+ "description": "AWS addon configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "principal": {
+ "type": "string",
+ "description": "AWS principal ARN, e.g. `arn:aws:iam::010616021751:saml-provider/idpname`"
+ },
+ "role": {
+ "type": "string",
+ "description": "AWS role ARN, e.g. `arn:aws:iam::010616021751:role/foo`"
+ },
+ "lifetime_in_seconds": {
+ "type": "integer",
+ "description": "AWS token lifetime in seconds"
+ }
+ }
+ },
+ "ClientAddonAzureBlob": {
+ "type": "object",
+ "description": "Azure Blob Storage addon configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "accountName": {
+ "type": "string",
+ "description": "Your Azure storage account name. Usually first segment in your Azure storage URL. e.g. `https://acme-org.blob.core.windows.net` would be the account name `acme-org`."
+ },
+ "storageAccessKey": {
+ "type": "string",
+ "description": "Access key associated with this storage account."
+ },
+ "containerName": {
+ "type": "string",
+ "description": "Container to request a token for. e.g. `my-container`."
+ },
+ "blobName": {
+ "type": "string",
+ "description": "Entity to request a token for. e.g. `my-blob`. If blank the computed SAS will apply to the entire storage container."
+ },
+ "expiration": {
+ "type": "integer",
+ "description": "Expiration in minutes for the generated token (default of 5 minutes)."
+ },
+ "signedIdentifier": {
+ "type": "string",
+ "description": "Shared access policy identifier defined in your storage account resource."
+ },
+ "blob_read": {
+ "type": "boolean",
+ "description": "Indicates if the issued token has permission to read the content, properties, metadata and block list. Use the blob as the source of a copy operation."
+ },
+ "blob_write": {
+ "type": "boolean",
+ "description": "Indicates if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account."
+ },
+ "blob_delete": {
+ "type": "boolean",
+ "description": "Indicates if the issued token has permission to delete the blob."
+ },
+ "container_read": {
+ "type": "boolean",
+ "description": "Indicates if the issued token has permission to read the content, properties, metadata or block list of any blob in the container. Use any blob in the container as the source of a copy operation"
+ },
+ "container_write": {
+ "type": "boolean",
+ "description": "Indicates that for any blob in the container if the issued token has permission to create or write content, properties, metadata, or block list. Snapshot or lease the blob. Resize the blob (page blob only). Use the blob as the destination of a copy operation within the same account."
+ },
+ "container_delete": {
+ "type": "boolean",
+ "description": "Indicates if issued token has permission to delete any blob in the container."
+ },
+ "container_list": {
+ "type": "boolean",
+ "description": "Indicates if the issued token has permission to list blobs in the container."
+ }
+ }
+ },
+ "ClientAddonAzureSB": {
+ "type": "object",
+ "description": "Azure Storage Bus addon configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "namespace": {
+ "type": "string",
+ "description": "Your Azure Service Bus namespace. Usually the first segment of your Service Bus URL (e.g. `https://acme-org.servicebus.windows.net` would be `acme-org`)."
+ },
+ "sasKeyName": {
+ "type": "string",
+ "description": "Your shared access policy name defined in your Service Bus entity."
+ },
+ "sasKey": {
+ "type": "string",
+ "description": "Primary Key associated with your shared access policy."
+ },
+ "entityPath": {
+ "type": "string",
+ "description": "Entity you want to request a token for. e.g. `my-queue`.'"
+ },
+ "expiration": {
+ "type": "integer",
+ "description": "Optional expiration in minutes for the generated token. Defaults to 5 minutes."
+ }
+ }
+ },
+ "ClientAddonBox": {
+ "type": "object",
+ "description": "Box SSO indicator (no configuration settings needed for Box SSO).",
+ "additionalProperties": true
+ },
+ "ClientAddonCloudBees": {
+ "type": "object",
+ "description": "CloudBees SSO indicator (no configuration settings needed for CloudBees SSO).",
+ "additionalProperties": true
+ },
+ "ClientAddonConcur": {
+ "type": "object",
+ "description": "Concur SSO indicator (no configuration settings needed for Concur SSO).",
+ "additionalProperties": true
+ },
+ "ClientAddonDropbox": {
+ "type": "object",
+ "description": "Dropbox SSO indicator (no configuration settings needed for Dropbox SSO).",
+ "additionalProperties": true
+ },
+ "ClientAddonEchoSign": {
+ "type": "object",
+ "description": "Adobe EchoSign SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "domain": {
+ "type": "string",
+ "description": "Your custom domain found in your EchoSign URL. e.g. `https://acme-org.echosign.com` would be `acme-org`."
+ }
+ }
+ },
+ "ClientAddonEgnyte": {
+ "type": "object",
+ "description": "Egnyte SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "domain": {
+ "type": "string",
+ "description": "Your custom domain found in your Egnyte URL. e.g. `https://acme-org.egnyte.com` would be `acme-org`."
+ }
+ }
+ },
+ "ClientAddonFirebase": {
+ "type": "object",
+ "description": "Google Firebase addon configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "secret": {
+ "type": "string",
+ "description": "Google Firebase Secret. (SDK 2 only)."
+ },
+ "private_key_id": {
+ "type": "string",
+ "description": "Optional ID of the private key to obtain kid header in the issued token (SDK v3+ tokens only)."
+ },
+ "private_key": {
+ "type": "string",
+ "description": "Private Key for signing the token (SDK v3+ tokens only)."
+ },
+ "client_email": {
+ "type": "string",
+ "description": "ID of the Service Account you have created (shown as `client_email` in the generated JSON file, SDK v3+ tokens only)."
+ },
+ "lifetime_in_seconds": {
+ "type": "integer",
+ "description": "Optional expiration in seconds for the generated token. Defaults to 3600 seconds (SDK v3+ tokens only)."
+ }
+ }
+ },
+ "ClientAddonLayer": {
+ "type": "object",
+ "description": "Layer addon configuration.",
+ "additionalProperties": true,
+ "required": [
+ "providerId",
+ "keyId",
+ "privateKey"
+ ],
+ "properties": {
+ "providerId": {
+ "type": "string",
+ "description": "Provider ID of your Layer account"
+ },
+ "keyId": {
+ "type": "string",
+ "description": "Authentication Key identifier used to sign the Layer token."
+ },
+ "privateKey": {
+ "type": "string",
+ "description": "Private key for signing the Layer token."
+ },
+ "principal": {
+ "type": "string",
+ "description": "Name of the property used as the unique user id in Layer. If not specified `user_id` is used."
+ },
+ "expiration": {
+ "type": "integer",
+ "description": "Optional expiration in minutes for the generated token. Defaults to 5 minutes."
+ }
+ }
+ },
+ "ClientAddonMSCRM": {
+ "type": "object",
+ "description": "Microsoft Dynamics CRM SSO configuration.",
+ "additionalProperties": true,
+ "required": [
+ "url"
+ ],
+ "properties": {
+ "url": {
+ "type": "string",
+ "description": "Microsoft Dynamics CRM application URL.",
+ "format": "url"
+ }
+ }
+ },
+ "ClientAddonNewRelic": {
+ "type": "object",
+ "description": "New Relic SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "account": {
+ "type": "string",
+ "description": "Your New Relic Account ID found in your New Relic URL after the `/accounts/` path. e.g. `https://rpm.newrelic.com/accounts/123456/query` would be `123456`."
+ }
+ }
+ },
+ "ClientAddonOAG": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Okta Access Gateway SSO configuration",
+ "additionalProperties": false,
+ "properties": {}
+ },
+ "ClientAddonOffice365": {
+ "type": "object",
+ "description": "Microsoft Office 365 SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "domain": {
+ "type": "string",
+ "description": "Your Office 365 domain name. e.g. `acme-org.com`."
+ },
+ "connection": {
+ "type": "string",
+ "description": "Optional Auth0 database connection for testing an already-configured Office 365 tenant."
+ }
+ }
+ },
+ "ClientAddonRMS": {
+ "type": "object",
+ "description": "Active Directory Rights Management Service SSO configuration.",
+ "additionalProperties": true,
+ "required": [
+ "url"
+ ],
+ "properties": {
+ "url": {
+ "type": "string",
+ "description": "URL of your Rights Management Server. It can be internal or external, but users will have to be able to reach it.",
+ "format": "url"
+ }
+ }
+ },
+ "ClientAddonSAML": {
+ "type": "object",
+ "description": "SAML2 addon indicator (no configuration settings needed for SAML2 addon).",
+ "additionalProperties": true,
+ "properties": {
+ "mappings": {
+ "$ref": "#/components/schemas/ClientAddonSAMLMapping"
+ },
+ "audience": {
+ "type": "string"
+ },
+ "recipient": {
+ "type": "string"
+ },
+ "createUpnClaim": {
+ "type": "boolean"
+ },
+ "mapUnknownClaimsAsIs": {
+ "type": "boolean"
+ },
+ "passthroughClaimsWithNoMapping": {
+ "type": "boolean"
+ },
+ "mapIdentities": {
+ "type": "boolean"
+ },
+ "signatureAlgorithm": {
+ "type": "string"
+ },
+ "digestAlgorithm": {
+ "type": "string"
+ },
+ "issuer": {
+ "type": "string"
+ },
+ "destination": {
+ "type": "string"
+ },
+ "lifetimeInSeconds": {
+ "type": "integer"
+ },
+ "signResponse": {
+ "type": "boolean"
+ },
+ "nameIdentifierFormat": {
+ "type": "string"
+ },
+ "nameIdentifierProbes": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "authnContextClassRef": {
+ "type": "string"
+ }
+ }
+ },
+ "ClientAddonSAMLMapping": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "ClientAddonSAPAPI": {
+ "type": "object",
+ "description": "SAP API addon configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "clientid": {
+ "type": "string",
+ "description": "If activated in the OAuth 2.0 client configuration (transaction SOAUTH2) the SAML attribute client_id must be set and equal the client_id form parameter of the access token request."
+ },
+ "usernameAttribute": {
+ "type": "string",
+ "description": "Name of the property in the user object that maps to a SAP username. e.g. `email`."
+ },
+ "tokenEndpointUrl": {
+ "type": "string",
+ "description": "Your SAP OData server OAuth2 token endpoint URL.",
+ "format": "url"
+ },
+ "scope": {
+ "type": "string",
+ "description": "Requested scope for SAP APIs."
+ },
+ "servicePassword": {
+ "type": "string",
+ "description": "Service account password to use to authenticate API calls to the token endpoint."
+ },
+ "nameIdentifierFormat": {
+ "type": "string",
+ "description": "NameID element of the Subject which can be used to express the user's identity. Defaults to `urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified`."
+ }
+ }
+ },
+ "ClientAddonSSOIntegration": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "SSO integration name"
+ },
+ "version": {
+ "type": "string",
+ "description": "SSO integration version installed"
+ }
+ }
+ },
+ "ClientAddonSalesforce": {
+ "type": "object",
+ "description": "Salesforce SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "entity_id": {
+ "type": "string",
+ "description": "Arbitrary logical URL that identifies the Saleforce resource. e.g. `https://acme-org.com`.",
+ "format": "url"
+ }
+ }
+ },
+ "ClientAddonSalesforceAPI": {
+ "type": "object",
+ "description": "Salesforce API addon configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "clientid": {
+ "type": "string",
+ "description": "Consumer Key assigned by Salesforce to the Connected App."
+ },
+ "principal": {
+ "type": "string",
+ "description": "Name of the property in the user object that maps to a Salesforce username. e.g. `email`."
+ },
+ "communityName": {
+ "type": "string",
+ "description": "Community name."
+ },
+ "community_url_section": {
+ "type": "string",
+ "description": "Community url section."
+ }
+ }
+ },
+ "ClientAddonSalesforceSandboxAPI": {
+ "type": "object",
+ "description": "Salesforce Sandbox addon configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "clientid": {
+ "type": "string",
+ "description": "Consumer Key assigned by Salesforce to the Connected App."
+ },
+ "principal": {
+ "type": "string",
+ "description": "Name of the property in the user object that maps to a Salesforce username. e.g. `email`."
+ },
+ "communityName": {
+ "type": "string",
+ "description": "Community name."
+ },
+ "community_url_section": {
+ "type": "string",
+ "description": "Community url section."
+ }
+ }
+ },
+ "ClientAddonSentry": {
+ "type": "object",
+ "description": "Sentry SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "org_slug": {
+ "type": "string",
+ "description": "Generated slug for your Sentry organization. Found in your Sentry URL. e.g. `https://sentry.acme.com/acme-org/` would be `acme-org`."
+ },
+ "base_url": {
+ "type": "string",
+ "description": "URL prefix only if running Sentry Community Edition, otherwise leave should be blank."
+ }
+ }
+ },
+ "ClientAddonSharePoint": {
+ "type": "object",
+ "description": "SharePoint SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "url": {
+ "type": "string",
+ "description": "Internal SharePoint application URL."
+ },
+ "external_url": {
+ "$ref": "#/components/schemas/ClientAddonSharePointExternalURL"
+ }
+ }
+ },
+ "ClientAddonSharePointExternalURL": {
+ "description": "External SharePoint application URLs if exposed to the Internet.",
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ {
+ "type": "string"
+ }
+ ]
+ },
+ "ClientAddonSlack": {
+ "type": "object",
+ "description": "Slack team or workspace name usually first segment in your Slack URL. e.g. `https://acme-org.slack.com` would be `acme-org`.",
+ "additionalProperties": true,
+ "required": [
+ "team"
+ ],
+ "properties": {
+ "team": {
+ "type": "string",
+ "description": "Slack team name."
+ }
+ }
+ },
+ "ClientAddonSpringCM": {
+ "type": "object",
+ "description": "SpringCM SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "acsurl": {
+ "type": "string",
+ "description": "SpringCM ACS URL, e.g. `https://na11.springcm.com/atlas/sso/SSOEndpoint.ashx`."
+ }
+ }
+ },
+ "ClientAddonWAMS": {
+ "type": "object",
+ "description": "Windows Azure Mobile Services addon configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "masterkey": {
+ "type": "string",
+ "description": "Your master key for Windows Azure Mobile Services."
+ }
+ }
+ },
+ "ClientAddonWSFed": {
+ "type": "object",
+ "description": "WS-Fed (WIF) addon indicator. Actual configuration is stored in `callback` and `client_aliases` properties on the client.",
+ "additionalProperties": true
+ },
+ "ClientAddonZendesk": {
+ "type": "object",
+ "description": "Zendesk SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "accountName": {
+ "type": "string",
+ "description": "Zendesk account name usually first segment in your Zendesk URL. e.g. `https://acme-org.zendesk.com` would be `acme-org`."
+ }
+ }
+ },
+ "ClientAddonZoom": {
+ "type": "object",
+ "description": "Zoom SSO configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "account": {
+ "type": "string",
+ "description": "Zoom account name usually first segment of your Zoom URL, e.g. `https://acme-org.zoom.us` would be `acme-org`."
+ }
+ }
+ },
+ "ClientAddons": {
+ "type": "object",
+ "description": "Addons enabled for this client and their associated configurations.",
+ "additionalProperties": false,
+ "properties": {
+ "aws": {
+ "$ref": "#/components/schemas/ClientAddonAWS"
+ },
+ "azure_blob": {
+ "$ref": "#/components/schemas/ClientAddonAzureBlob"
+ },
+ "azure_sb": {
+ "$ref": "#/components/schemas/ClientAddonAzureSB"
+ },
+ "rms": {
+ "$ref": "#/components/schemas/ClientAddonRMS"
+ },
+ "mscrm": {
+ "$ref": "#/components/schemas/ClientAddonMSCRM"
+ },
+ "slack": {
+ "$ref": "#/components/schemas/ClientAddonSlack"
+ },
+ "sentry": {
+ "$ref": "#/components/schemas/ClientAddonSentry"
+ },
+ "box": {
+ "$ref": "#/components/schemas/ClientAddonBox"
+ },
+ "cloudbees": {
+ "$ref": "#/components/schemas/ClientAddonCloudBees"
+ },
+ "concur": {
+ "$ref": "#/components/schemas/ClientAddonConcur"
+ },
+ "dropbox": {
+ "$ref": "#/components/schemas/ClientAddonDropbox"
+ },
+ "echosign": {
+ "$ref": "#/components/schemas/ClientAddonEchoSign"
+ },
+ "egnyte": {
+ "$ref": "#/components/schemas/ClientAddonEgnyte"
+ },
+ "firebase": {
+ "$ref": "#/components/schemas/ClientAddonFirebase"
+ },
+ "newrelic": {
+ "$ref": "#/components/schemas/ClientAddonNewRelic"
+ },
+ "office365": {
+ "$ref": "#/components/schemas/ClientAddonOffice365"
+ },
+ "salesforce": {
+ "$ref": "#/components/schemas/ClientAddonSalesforce"
+ },
+ "salesforce_api": {
+ "$ref": "#/components/schemas/ClientAddonSalesforceAPI"
+ },
+ "salesforce_sandbox_api": {
+ "$ref": "#/components/schemas/ClientAddonSalesforceSandboxAPI"
+ },
+ "samlp": {
+ "$ref": "#/components/schemas/ClientAddonSAML"
+ },
+ "layer": {
+ "$ref": "#/components/schemas/ClientAddonLayer"
+ },
+ "sap_api": {
+ "$ref": "#/components/schemas/ClientAddonSAPAPI"
+ },
+ "sharepoint": {
+ "$ref": "#/components/schemas/ClientAddonSharePoint"
+ },
+ "springcm": {
+ "$ref": "#/components/schemas/ClientAddonSpringCM"
+ },
+ "wams": {
+ "$ref": "#/components/schemas/ClientAddonWAMS"
+ },
+ "wsfed": {
+ "$ref": "#/components/schemas/ClientAddonWSFed"
+ },
+ "zendesk": {
+ "$ref": "#/components/schemas/ClientAddonZendesk"
+ },
+ "zoom": {
+ "$ref": "#/components/schemas/ClientAddonZoom"
+ },
+ "sso_integration": {
+ "$ref": "#/components/schemas/ClientAddonSSOIntegration"
+ },
+ "oag": {
+ "$ref": "#/components/schemas/ClientAddonOAG"
+ }
+ }
+ },
+ "ClientAppTypeEnum": {
+ "type": "string",
+ "description": "The type of application this client represents",
+ "enum": [
+ "native",
+ "spa",
+ "regular_web",
+ "non_interactive",
+ "resource_server",
+ "express_configuration",
+ "rms",
+ "box",
+ "cloudbees",
+ "concur",
+ "dropbox",
+ "mscrm",
+ "echosign",
+ "egnyte",
+ "newrelic",
+ "office365",
+ "salesforce",
+ "sentry",
+ "sharepoint",
+ "slack",
+ "springcm",
+ "zendesk",
+ "zoom",
+ "sso_integration",
+ "oag"
+ ]
+ },
+ "ClientAuthenticationMethod": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Defines client authentication methods.",
+ "additionalProperties": false,
+ "properties": {
+ "private_key_jwt": {
+ "$ref": "#/components/schemas/PrivateKeyJWT"
+ },
+ "tls_client_auth": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethodTLSClientAuth"
+ },
+ "self_signed_tls_client_auth": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethodSelfSignedTLSClientAuth"
+ }
+ }
+ },
+ "ClientAuthenticationMethodSelfSignedTLSClientAuth": {
+ "type": "object",
+ "description": "Defines `self_signed_tls_client_auth` client authentication method. If the property is defined, the client is configured to use mTLS authentication method utilizing self-signed certificate.",
+ "additionalProperties": false,
+ "required": [
+ "credentials"
+ ],
+ "properties": {
+ "credentials": {
+ "type": "array",
+ "description": "A list of unique and previously created credential IDs enabled on the client for mTLS authentication utilizing self-signed certificate.",
+ "items": {
+ "$ref": "#/components/schemas/CredentialId"
+ }
+ }
+ }
+ },
+ "ClientAuthenticationMethodTLSClientAuth": {
+ "type": "object",
+ "description": "Defines `tls_client_auth` client authentication method. If the property is defined, the client is configured to use CA-based mTLS authentication method.",
+ "additionalProperties": false,
+ "required": [
+ "credentials"
+ ],
+ "properties": {
+ "credentials": {
+ "type": "array",
+ "description": "A list of unique and previously created credential IDs enabled on the client for CA-based mTLS authentication.",
+ "items": {
+ "$ref": "#/components/schemas/CredentialId"
+ }
+ }
+ }
+ },
+ "ClientComplianceLevelEnum": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Defines the compliance level for this client, which may restrict it's capabilities",
+ "enum": [
+ "none",
+ "fapi1_adv_pkj_par",
+ "fapi1_adv_mtls_par",
+ "fapi2_sp_pkj_mtls",
+ "fapi2_sp_mtls_mtls",
+ null
+ ]
+ },
+ "ClientCreateAuthenticationMethod": {
+ "type": "object",
+ "description": "Defines client authentication methods.",
+ "additionalProperties": false,
+ "properties": {
+ "private_key_jwt": {
+ "$ref": "#/components/schemas/PrivateKeyJWT"
+ },
+ "tls_client_auth": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethodTLSClientAuth"
+ },
+ "self_signed_tls_client_auth": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethodSelfSignedTLSClientAuth"
+ }
+ }
+ },
+ "ClientCredential": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of the credential. Generated on creation.",
+ "default": "cred_1m7sfABoNTTKYwTQ8qt6tX"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name given to the credential by the user.",
+ "default": ""
+ },
+ "kid": {
+ "type": "string",
+ "description": "The key identifier of the credential, generated on creation.",
+ "default": "IZSSTECp..."
+ },
+ "alg": {
+ "$ref": "#/components/schemas/ClientCredentialAlgorithmEnum"
+ },
+ "credential_type": {
+ "$ref": "#/components/schemas/ClientCredentialTypeEnum"
+ },
+ "subject_dn": {
+ "type": "string",
+ "description": "The X509 certificate's Subject Distinguished Name"
+ },
+ "thumbprint_sha256": {
+ "type": "string",
+ "description": "The X509 certificate's SHA256 thumbprint"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date the credential was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date the credential was updated.",
+ "format": "date-time"
+ },
+ "expires_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date representing the expiration of the credential.",
+ "format": "date-time"
+ }
+ }
+ },
+ "ClientCredentialAlgorithmEnum": {
+ "type": "string",
+ "description": "Algorithm which will be used with the credential. Supported algorithms: RS256,RS384,PS256",
+ "default": "RS256",
+ "enum": [
+ "RS256",
+ "RS384",
+ "PS256"
+ ]
+ },
+ "ClientCredentialTypeEnum": {
+ "type": "string",
+ "description": "The type of credential.",
+ "enum": [
+ "public_key",
+ "cert_subject_dn",
+ "x509_cert"
+ ]
+ },
+ "ClientDefaultOrganization": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Defines the default Organization ID and flows",
+ "additionalProperties": false,
+ "required": [
+ "organization_id",
+ "flows"
+ ],
+ "properties": {
+ "organization_id": {
+ "type": "string",
+ "description": "The default Organization ID to be used",
+ "format": "organization-id"
+ },
+ "flows": {
+ "type": "array",
+ "description": "The default Organization usage",
+ "items": {
+ "$ref": "#/components/schemas/ClientDefaultOrganizationFlowsEnum"
+ }
+ }
+ }
+ },
+ "ClientDefaultOrganizationFlowsEnum": {
+ "type": "string",
+ "enum": [
+ "client_credentials"
+ ]
+ },
+ "ClientEncryptionKey": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Encryption used for WsFed responses with this client.",
+ "additionalProperties": true,
+ "properties": {
+ "pub": {
+ "type": "string",
+ "description": "Encryption Public RSA Key."
+ },
+ "cert": {
+ "type": "string",
+ "description": "Encryption certificate for public key in X.509 (.CER) format."
+ },
+ "subject": {
+ "type": "string",
+ "description": "Encryption certificate name for this certificate in the format `/CN={domain}`."
+ }
+ }
+ },
+ "ClientGrantAllowAnyOrganizationEnum": {
+ "type": "boolean",
+ "description": "Optional filter on allow_any_organization.",
+ "enum": [
+ true
+ ]
+ },
+ "ClientGrantOrganizationNullableUsageEnum": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Controls how organizations may be used with this grant",
+ "enum": [
+ "deny",
+ "allow",
+ "require",
+ null
+ ]
+ },
+ "ClientGrantOrganizationUsageEnum": {
+ "type": "string",
+ "description": "Defines whether organizations can be used with client credentials exchanges for this grant.",
+ "enum": [
+ "deny",
+ "allow",
+ "require"
+ ]
+ },
+ "ClientGrantResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of the client grant."
+ },
+ "client_id": {
+ "type": "string",
+ "description": "ID of the client."
+ },
+ "audience": {
+ "type": "string",
+ "description": "The audience (API identifier) of this client grant.",
+ "minLength": 1
+ },
+ "scope": {
+ "type": "array",
+ "description": "Scopes allowed for this client grant.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientGrantOrganizationUsageEnum"
+ },
+ "allow_any_organization": {
+ "type": "boolean",
+ "description": "If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."
+ },
+ "is_system": {
+ "type": "boolean",
+ "description": "If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."
+ },
+ "subject_type": {
+ "$ref": "#/components/schemas/ClientGrantSubjectTypeEnum"
+ },
+ "authorization_details_types": {
+ "type": "array",
+ "description": "Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta’s Master Subscription Agreement.",
+ "x-release-lifecycle": "EA",
+ "items": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ }
+ }
+ }
+ },
+ "ClientGrantSubjectTypeEnum": {
+ "type": "string",
+ "description": "The type of application access the client grant allows. Use of this field is subject to the applicable Free Trial terms in Okta’s Master Subscription Agreement.",
+ "enum": [
+ "client",
+ "user"
+ ],
+ "x-release-lifecycle": "EA"
+ },
+ "ClientJwtConfiguration": {
+ "type": "object",
+ "description": "Configuration related to JWTs for the client.",
+ "additionalProperties": true,
+ "properties": {
+ "lifetime_in_seconds": {
+ "type": "integer",
+ "description": "Number of seconds the JWT will be valid for (affects `exp` claim).",
+ "default": 36000
+ },
+ "secret_encoded": {
+ "type": "boolean",
+ "description": "Whether the client secret is base64 encoded (true) or unencoded (false).",
+ "default": true
+ },
+ "scopes": {
+ "$ref": "#/components/schemas/ClientJwtConfigurationScopes"
+ },
+ "alg": {
+ "$ref": "#/components/schemas/SigningAlgorithmEnum"
+ }
+ }
+ },
+ "ClientJwtConfigurationScopes": {
+ "type": "object",
+ "description": "Configuration related to id token claims for the client.",
+ "additionalProperties": true
+ },
+ "ClientMetadata": {
+ "type": "object",
+ "description": "Metadata associated with the client, in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed. Field names (max 255 chars) are alphanumeric and may only include the following special characters: :,-+=_*?\"/\\()<>@\t[Tab] [Space]",
+ "additionalProperties": true
+ },
+ "ClientMobile": {
+ "type": "object",
+ "description": "Additional configuration for native mobile apps.",
+ "additionalProperties": true,
+ "properties": {
+ "android": {
+ "$ref": "#/components/schemas/ClientMobileAndroid"
+ },
+ "ios": {
+ "$ref": "#/components/schemas/ClientMobileiOS"
+ }
+ }
+ },
+ "ClientMobileAndroid": {
+ "type": "object",
+ "description": "Android native app configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "app_package_name": {
+ "type": "string",
+ "description": "App package name found in AndroidManifest.xml.",
+ "default": ""
+ },
+ "sha256_cert_fingerprints": {
+ "type": "array",
+ "description": "SHA256 fingerprints of the app's signing certificate. Multiple fingerprints can be used to support different versions of your app, such as debug and production builds.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ }
+ },
+ "ClientMobileiOS": {
+ "type": "object",
+ "description": "iOS native app configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "team_id": {
+ "type": "string",
+ "description": "Identifier assigned to the Apple account that signs and uploads the app to the store.",
+ "default": ""
+ },
+ "app_bundle_identifier": {
+ "type": "string",
+ "description": "Assigned by developer to the app as its unique identifier inside the store. Usually this is a reverse domain plus the app name, e.g. `com.you.MyApp`.",
+ "default": ""
+ }
+ }
+ },
+ "ClientOIDCBackchannelLogoutInitiators": {
+ "type": "object",
+ "description": "Configuration for OIDC backchannel logout initiators",
+ "additionalProperties": true,
+ "properties": {
+ "mode": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutInitiatorsModeEnum"
+ },
+ "selected_initiators": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutInitiatorsEnum"
+ }
+ }
+ }
+ },
+ "ClientOIDCBackchannelLogoutInitiatorsEnum": {
+ "type": "string",
+ "description": "The `selected_initiators` property contains the list of initiators to be enabled for the given application.",
+ "enum": [
+ "rp-logout",
+ "idp-logout",
+ "password-changed",
+ "session-expired",
+ "session-revoked",
+ "account-deleted",
+ "email-identifier-changed",
+ "mfa-phone-unenrolled",
+ "account-deactivated"
+ ]
+ },
+ "ClientOIDCBackchannelLogoutInitiatorsModeEnum": {
+ "type": "string",
+ "description": "The `mode` property determines the configuration method for enabling initiators. `custom` enables only the initiators listed in the selected_initiators array, `all` enables all current and future initiators.",
+ "enum": [
+ "custom",
+ "all"
+ ]
+ },
+ "ClientOIDCBackchannelLogoutSessionMetadata": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Controls whether session metadata is included in the logout token. Default value is null.",
+ "additionalProperties": true,
+ "properties": {
+ "include": {
+ "type": "boolean",
+ "description": "The `include` property determines whether session metadata is included in the logout token."
+ }
+ }
+ },
+ "ClientOIDCBackchannelLogoutSettings": {
+ "type": "object",
+ "description": "Configuration for OIDC backchannel logout",
+ "additionalProperties": true,
+ "properties": {
+ "backchannel_logout_urls": {
+ "type": "array",
+ "description": "Comma-separated list of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.",
+ "items": {
+ "type": "string",
+ "format": "absolute-https-uri-or-empty"
+ }
+ },
+ "backchannel_logout_initiators": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutInitiators"
+ },
+ "backchannel_logout_session_metadata": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSessionMetadata"
+ }
+ }
+ },
+ "ClientOrganizationRequireBehaviorEnum": {
+ "type": "string",
+ "description": "Defines how to proceed during an authentication transaction when `client.organization_usage: 'require'`. Can be `no_prompt` (default), `pre_login_prompt` or `post_login_prompt`. `post_login_prompt` requires `oidc_conformant: true`.",
+ "default": "no_prompt",
+ "enum": [
+ "no_prompt",
+ "pre_login_prompt",
+ "post_login_prompt"
+ ]
+ },
+ "ClientOrganizationRequireBehaviorPatchEnum": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Defines how to proceed during an authentication transaction when `client.organization_usage: 'require'`. Can be `no_prompt` (default), `pre_login_prompt` or `post_login_prompt`. `post_login_prompt` requires `oidc_conformant: true`.",
+ "default": "no_prompt",
+ "enum": [
+ "no_prompt",
+ "pre_login_prompt",
+ "post_login_prompt",
+ null
+ ]
+ },
+ "ClientOrganizationUsageEnum": {
+ "type": "string",
+ "description": "Defines how to proceed during an authentication transaction with regards an organization. Can be `deny` (default), `allow` or `require`.",
+ "default": "deny",
+ "enum": [
+ "deny",
+ "allow",
+ "require"
+ ]
+ },
+ "ClientOrganizationUsagePatchEnum": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Defines how to proceed during an authentication transaction with regards an organization. Can be `deny` (default), `allow` or `require`.",
+ "default": "deny",
+ "enum": [
+ "deny",
+ "allow",
+ "require",
+ null
+ ]
+ },
+ "ClientRefreshTokenConfiguration": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Refresh token configuration",
+ "additionalProperties": false,
+ "required": [
+ "rotation_type",
+ "expiration_type"
+ ],
+ "properties": {
+ "rotation_type": {
+ "$ref": "#/components/schemas/RefreshTokenRotationTypeEnum"
+ },
+ "expiration_type": {
+ "$ref": "#/components/schemas/RefreshTokenExpirationTypeEnum"
+ },
+ "leeway": {
+ "type": "integer",
+ "description": "Period in seconds where the previous refresh token can be exchanged without triggering breach detection",
+ "default": 0
+ },
+ "token_lifetime": {
+ "type": "integer",
+ "description": "Period (in seconds) for which refresh tokens will remain valid"
+ },
+ "infinite_token_lifetime": {
+ "type": "boolean",
+ "description": "Prevents tokens from having a set lifetime when `true` (takes precedence over `token_lifetime` values)"
+ },
+ "idle_token_lifetime": {
+ "type": "integer",
+ "description": "Period (in seconds) for which refresh tokens will remain valid without use"
+ },
+ "infinite_idle_token_lifetime": {
+ "type": "boolean",
+ "description": "Prevents tokens from expiring without use when `true` (takes precedence over `idle_token_lifetime` values)",
+ "default": false
+ }
+ }
+ },
+ "ClientSessionTransferAllowedAuthenticationMethodsEnum": {
+ "type": "string",
+ "enum": [
+ "cookie",
+ "query"
+ ]
+ },
+ "ClientSessionTransferConfiguration": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Native to Web SSO Configuration",
+ "additionalProperties": false,
+ "properties": {
+ "can_create_session_transfer_token": {
+ "type": "boolean",
+ "description": "Indicates whether an app can issue a session_token through Token Exchange. If set to 'false', the app will not be able to issue a session_token.",
+ "default": false
+ },
+ "allowed_authentication_methods": {
+ "type": "array",
+ "description": "Indicates whether an app can create a session from a session_token received via indicated methods.",
+ "items": {
+ "$ref": "#/components/schemas/ClientSessionTransferAllowedAuthenticationMethodsEnum"
+ }
+ },
+ "enforce_device_binding": {
+ "$ref": "#/components/schemas/ClientSessionTransferDeviceBindingEnum"
+ },
+ "allow_refresh_token": {
+ "type": "boolean",
+ "description": "Indicates whether Refresh Tokens are allowed to be issued when authenticating with a session_transfer_token.",
+ "default": false
+ },
+ "enforce_online_refresh_tokens": {
+ "type": "boolean",
+ "description": "Indicates whether Refresh Tokens created during a native-to-web session are tied to that session's lifetime. This determines if such refresh tokens should be automatically revoked when their corresponding sessions are.",
+ "default": true
+ },
+ "enforce_cascade_revocation": {
+ "type": "boolean",
+ "description": "Indicates whether revoking the parent Refresh Token that initiated a Native to Web flow and was used to issue a Session Transfer Token should trigger a cascade revocation affecting its dependent child entities.",
+ "default": true
+ }
+ }
+ },
+ "ClientSessionTransferDeviceBindingEnum": {
+ "type": "string",
+ "description": "Indicates whether device binding security should be enforced for the app. If set to 'ip', the app will enforce device binding by IP, meaning that consumption of session_token must be done from the same IP of the issuer. Likewise, if set to 'asn', device binding is enforced by ASN, meaning consumption of session_token must be done from the same ASN as the issuer. If set to 'null', device binding is not enforced.",
+ "default": "ip",
+ "enum": [
+ "ip",
+ "asn",
+ "none"
+ ]
+ },
+ "ClientSignedRequestObjectWithCredentialId": {
+ "type": "object",
+ "description": "JWT-secured Authorization Requests (JAR) settings.",
+ "additionalProperties": false,
+ "properties": {
+ "required": {
+ "type": "boolean",
+ "description": "Indicates whether the JAR requests are mandatory",
+ "default": false
+ },
+ "credentials": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/CredentialId"
+ }
+ }
+ }
+ },
+ "ClientSignedRequestObjectWithPublicKey": {
+ "type": "object",
+ "description": "JWT-secured Authorization Requests (JAR) settings.",
+ "additionalProperties": false,
+ "properties": {
+ "required": {
+ "type": "boolean",
+ "description": "Indicates whether the JAR requests are mandatory",
+ "default": false
+ },
+ "credentials": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/PublicKeyCredential"
+ }
+ }
+ }
+ },
+ "ClientSigningKey": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "pkcs7": {
+ "type": "string",
+ "description": "Signing certificate public key and chain in PKCS#7 (.P7B) format.",
+ "default": ""
+ },
+ "cert": {
+ "type": "string",
+ "description": "Signing certificate public key in X.509 (.CER) format.",
+ "default": ""
+ },
+ "subject": {
+ "type": "string",
+ "description": "Subject name for this certificate in the format `/CN={domain}`.",
+ "default": ""
+ }
+ }
+ },
+ "ClientSigningKeys": {
+ "type": "array",
+ "description": "Signing certificates associated with this client.",
+ "items": {
+ "$ref": "#/components/schemas/ClientSigningKey"
+ }
+ },
+ "ClientTokenEndpointAuthMethodEnum": {
+ "type": "string",
+ "description": "Defines the requested authentication method for the token endpoint. Can be `none` (public client without a client secret), `client_secret_post` (client uses HTTP POST parameters), or `client_secret_basic` (client uses HTTP Basic).",
+ "default": "none",
+ "enum": [
+ "none",
+ "client_secret_post",
+ "client_secret_basic"
+ ]
+ },
+ "ClientTokenEndpointAuthMethodOrNullEnum": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Defines the requested authentication method for the token endpoint. Can be `none` (public client without a client secret), `client_secret_post` (client uses HTTP POST parameters), or `client_secret_basic` (client uses HTTP Basic).",
+ "default": "none",
+ "enum": [
+ "none",
+ "client_secret_post",
+ "client_secret_basic",
+ null
+ ]
+ },
+ "ConnectionAttributeIdentifier": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "active": {
+ "type": "boolean",
+ "description": "Determines if the attribute is used for identification"
+ }
+ }
+ },
+ "ConnectionAttributes": {
+ "type": "object",
+ "description": "Attribute configuration",
+ "additionalProperties": false,
+ "properties": {
+ "email": {
+ "$ref": "#/components/schemas/EmailAttribute"
+ },
+ "phone_number": {
+ "$ref": "#/components/schemas/PhoneAttribute"
+ },
+ "username": {
+ "$ref": "#/components/schemas/UsernameAttribute"
+ }
+ }
+ },
+ "ConnectionAuthenticationMethods": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Options for enabling authentication methods.",
+ "additionalProperties": false,
+ "properties": {
+ "password": {
+ "$ref": "#/components/schemas/ConnectionPasswordAuthenticationMethod"
+ },
+ "passkey": {
+ "$ref": "#/components/schemas/ConnectionPasskeyAuthenticationMethod"
+ }
+ }
+ },
+ "ConnectionCustomScripts": {
+ "type": "object",
+ "description": "A map of scripts used to integrate with a custom database.",
+ "additionalProperties": true,
+ "properties": {
+ "login": {
+ "type": "string",
+ "minLength": 1
+ },
+ "get_user": {
+ "type": "string",
+ "minLength": 1
+ },
+ "delete": {
+ "type": "string",
+ "minLength": 1
+ },
+ "change_password": {
+ "type": "string",
+ "minLength": 1
+ },
+ "verify": {
+ "type": "string",
+ "minLength": 1
+ },
+ "create": {
+ "type": "string",
+ "minLength": 1
+ },
+ "change_username": {
+ "type": "string",
+ "minLength": 1
+ },
+ "change_email": {
+ "type": "string",
+ "minLength": 1
+ },
+ "change_phone_number": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "ConnectionEnabledClient": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "client_id"
+ ],
+ "properties": {
+ "client_id": {
+ "type": "string",
+ "description": "The client id"
+ }
+ }
+ },
+ "ConnectionForList": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the connection",
+ "default": "My connection"
+ },
+ "display_name": {
+ "type": "string",
+ "description": "Connection name used in login screen"
+ },
+ "options": {
+ "$ref": "#/components/schemas/ConnectionOptions"
+ },
+ "id": {
+ "type": "string",
+ "description": "The connection's identifier",
+ "default": "con_0000000000000001"
+ },
+ "strategy": {
+ "type": "string",
+ "description": "The type of the connection, related to the identity provider",
+ "default": "auth0"
+ },
+ "realms": {
+ "type": "array",
+ "description": "Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm.",
+ "items": {
+ "type": "string",
+ "description": "The realm where this connection belongs",
+ "format": "connection-realm"
+ }
+ },
+ "is_domain_connection": {
+ "type": "boolean",
+ "description": "True if the connection is domain level"
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD."
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/ConnectionsMetadata"
+ }
+ }
+ },
+ "ConnectionForOrganization": {
+ "type": "object",
+ "description": "Connection to be added to the organization.",
+ "additionalProperties": false,
+ "required": [
+ "connection_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "description": "ID of the connection."
+ },
+ "assign_membership_on_login": {
+ "type": "boolean",
+ "description": "When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection."
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true."
+ },
+ "is_signup_enabled": {
+ "type": "boolean",
+ "description": "Determines whether organization signup should be enabled for this organization connection. Only applicable for database connections. Default: false."
+ }
+ }
+ },
+ "ConnectionGatewayAuthentication": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Token-based authentication settings to be applied when connection is using an sms strategy.",
+ "additionalProperties": true,
+ "required": [
+ "method",
+ "audience",
+ "secret"
+ ],
+ "properties": {
+ "method": {
+ "type": "string",
+ "description": "The Authorization header type."
+ },
+ "subject": {
+ "type": "string",
+ "description": "The subject to be added to the JWT payload."
+ },
+ "audience": {
+ "type": "string",
+ "description": "The audience to be added to the JWT payload."
+ },
+ "secret": {
+ "type": "string",
+ "description": "The secret to be used for signing tokens."
+ },
+ "secret_base64_encoded": {
+ "type": "boolean",
+ "description": "Set to true if the provided secret is base64 encoded."
+ }
+ }
+ },
+ "ConnectionIdentifierPrecedenceEnum": {
+ "type": "string",
+ "description": "Order of precedence for attribute types",
+ "enum": [
+ "email",
+ "phone_number",
+ "username"
+ ]
+ },
+ "ConnectionIdentityProviderEnum": {
+ "type": "string",
+ "description": "The identity provider identifier for the connection",
+ "enum": [
+ "ad",
+ "adfs",
+ "amazon",
+ "apple",
+ "dropbox",
+ "bitbucket",
+ "aol",
+ "auth0-oidc",
+ "auth0",
+ "baidu",
+ "bitly",
+ "box",
+ "custom",
+ "daccount",
+ "dwolla",
+ "email",
+ "evernote-sandbox",
+ "evernote",
+ "exact",
+ "facebook",
+ "fitbit",
+ "flickr",
+ "github",
+ "google-apps",
+ "google-oauth2",
+ "instagram",
+ "ip",
+ "line",
+ "linkedin",
+ "miicard",
+ "oauth1",
+ "oauth2",
+ "office365",
+ "oidc",
+ "okta",
+ "paypal",
+ "paypal-sandbox",
+ "pingfederate",
+ "planningcenter",
+ "renren",
+ "salesforce-community",
+ "salesforce-sandbox",
+ "salesforce",
+ "samlp",
+ "sharepoint",
+ "shopify",
+ "shop",
+ "sms",
+ "soundcloud",
+ "thecity-sandbox",
+ "thecity",
+ "thirtysevensignals",
+ "twitter",
+ "untappd",
+ "vkontakte",
+ "waad",
+ "weibo",
+ "windowslive",
+ "wordpress",
+ "yahoo",
+ "yammer",
+ "yandex"
+ ]
+ },
+ "ConnectionKey": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "cert",
+ "kid",
+ "fingerprint",
+ "thumbprint"
+ ],
+ "properties": {
+ "kid": {
+ "type": "string",
+ "description": "The key id of the signing key",
+ "maxLength": 255
+ },
+ "cert": {
+ "type": "string",
+ "description": "The public certificate of the signing key",
+ "default": "-----BEGIN CERTIFICATE-----\r\nMIIDDTCCA...YiA0TQhAt8=\r\n-----END CERTIFICATE-----",
+ "maxLength": 4096
+ },
+ "pkcs": {
+ "type": "string",
+ "description": "The public certificate of the signing key in pkcs7 format",
+ "default": "-----BEGIN PKCS7-----\r\nMIIDPA....t8xAA==\r\n-----END PKCS7-----",
+ "maxLength": 4096
+ },
+ "current": {
+ "type": "boolean",
+ "description": "True if the key is the the current key",
+ "default": true
+ },
+ "next": {
+ "type": "boolean",
+ "description": "True if the key is the the next key"
+ },
+ "previous": {
+ "type": "boolean",
+ "description": "True if the key is the the previous key"
+ },
+ "current_since": {
+ "type": "string",
+ "description": "The date and time when the key became the current key"
+ },
+ "fingerprint": {
+ "type": "string",
+ "description": "The cert fingerprint",
+ "default": "CC:FB:DD:D8:9A:B5:DE:1B:F0:CC:36:D2:99:59:21:12:03:DD:A8:25"
+ },
+ "thumbprint": {
+ "type": "string",
+ "description": "The cert thumbprint",
+ "default": "CCFBDDD89AB5DE1BF0CC36D29959211203DDA825",
+ "maxLength": 255
+ },
+ "algorithm": {
+ "type": "string",
+ "description": "Signing key algorithm"
+ },
+ "key_use": {
+ "$ref": "#/components/schemas/ConnectionKeyUseEnum"
+ },
+ "subject_dn": {
+ "type": "string",
+ "maxLength": 132
+ }
+ }
+ },
+ "ConnectionKeyUseEnum": {
+ "type": "string",
+ "description": "Signing key use, whether for encryption or signing",
+ "enum": [
+ "encryption",
+ "signing"
+ ]
+ },
+ "ConnectionOptions": {
+ "type": "object",
+ "description": "In order to return options in the response, the `read:connections_options` scope must be present",
+ "additionalProperties": true
+ },
+ "ConnectionPasskeyAuthenticationMethod": {
+ "type": "object",
+ "description": "Passkey authentication enablement",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Determines whether passkeys are enabled"
+ }
+ }
+ },
+ "ConnectionPasskeyChallengeUIEnum": {
+ "type": "string",
+ "description": "Controls the UI used to challenge the user for their passkey.",
+ "enum": [
+ "both",
+ "autofill",
+ "button"
+ ]
+ },
+ "ConnectionPasskeyOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Options for the passkey authentication method",
+ "additionalProperties": false,
+ "properties": {
+ "challenge_ui": {
+ "$ref": "#/components/schemas/ConnectionPasskeyChallengeUIEnum"
+ },
+ "progressive_enrollment_enabled": {
+ "type": "boolean",
+ "description": "Enables or disables progressive enrollment of passkeys for the connection."
+ },
+ "local_enrollment_enabled": {
+ "type": "boolean",
+ "description": "Enables or disables enrollment prompt for local passkey when user authenticates using a cross-device passkey for the connection."
+ }
+ }
+ },
+ "ConnectionPasswordAuthenticationMethod": {
+ "type": "object",
+ "description": "Password authentication enablement",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Determines whether passwords are enabled"
+ }
+ }
+ },
+ "ConnectionPasswordComplexityOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Password complexity options",
+ "additionalProperties": false,
+ "properties": {
+ "min_length": {
+ "type": "integer",
+ "description": "Minimum password length"
+ }
+ }
+ },
+ "ConnectionPasswordDictionaryOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Options for password dictionary policy",
+ "additionalProperties": false,
+ "required": [
+ "enable"
+ ],
+ "properties": {
+ "enable": {
+ "type": "boolean"
+ },
+ "dictionary": {
+ "type": "array",
+ "description": "Custom Password Dictionary. An array of up to 200 entries.",
+ "items": {
+ "type": "string",
+ "description": "Custom Password Dictionary entry. 50 characters max.",
+ "maxLength": 50
+ }
+ }
+ }
+ },
+ "ConnectionPasswordHistoryOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Options for password history policy",
+ "additionalProperties": false,
+ "required": [
+ "enable"
+ ],
+ "properties": {
+ "enable": {
+ "type": "boolean"
+ },
+ "size": {
+ "type": "integer"
+ }
+ }
+ },
+ "ConnectionPasswordNoPersonalInfoOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Options for personal info in passwords policy",
+ "additionalProperties": false,
+ "required": [
+ "enable"
+ ],
+ "properties": {
+ "enable": {
+ "type": "boolean"
+ }
+ }
+ },
+ "ConnectionPasswordPolicyEnum": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Password strength level",
+ "enum": [
+ "none",
+ "low",
+ "fair",
+ "good",
+ "excellent",
+ null
+ ]
+ },
+ "ConnectionPropertiesOptions": {
+ "type": "object",
+ "description": "The connection's options (depend on the connection strategy)",
+ "additionalProperties": true,
+ "properties": {
+ "validation": {
+ "$ref": "#/components/schemas/ConnectionValidationOptions"
+ },
+ "non_persistent_attrs": {
+ "type": "array",
+ "description": "An array of user fields that should not be stored in the Auth0 database (https://auth0.com/docs/security/data-security/denylist)",
+ "items": {
+ "type": "string"
+ }
+ },
+ "precedence": {
+ "type": "array",
+ "description": "Order of precedence for attribute types. If the property is not specified, the default precedence of attributes will be used.",
+ "items": {
+ "$ref": "#/components/schemas/ConnectionIdentifierPrecedenceEnum"
+ }
+ },
+ "attributes": {
+ "$ref": "#/components/schemas/ConnectionAttributes"
+ },
+ "enable_script_context": {
+ "type": "boolean"
+ },
+ "enabledDatabaseCustomization": {
+ "type": "boolean",
+ "description": "Set to true to use a legacy user store"
+ },
+ "import_mode": {
+ "type": "boolean",
+ "description": "Enable this if you have a legacy user store and you want to gradually migrate those users to the Auth0 user store"
+ },
+ "customScripts": {
+ "$ref": "#/components/schemas/ConnectionCustomScripts"
+ },
+ "authentication_methods": {
+ "$ref": "#/components/schemas/ConnectionAuthenticationMethods"
+ },
+ "passkey_options": {
+ "$ref": "#/components/schemas/ConnectionPasskeyOptions"
+ },
+ "passwordPolicy": {
+ "$ref": "#/components/schemas/ConnectionPasswordPolicyEnum"
+ },
+ "password_complexity_options": {
+ "$ref": "#/components/schemas/ConnectionPasswordComplexityOptions"
+ },
+ "password_history": {
+ "$ref": "#/components/schemas/ConnectionPasswordHistoryOptions"
+ },
+ "password_no_personal_info": {
+ "$ref": "#/components/schemas/ConnectionPasswordNoPersonalInfoOptions"
+ },
+ "password_dictionary": {
+ "$ref": "#/components/schemas/ConnectionPasswordDictionaryOptions"
+ },
+ "api_enable_users": {
+ "type": "boolean"
+ },
+ "basic_profile": {
+ "type": "boolean"
+ },
+ "ext_admin": {
+ "type": "boolean"
+ },
+ "ext_is_suspended": {
+ "type": "boolean"
+ },
+ "ext_agreed_terms": {
+ "type": "boolean"
+ },
+ "ext_groups": {
+ "type": "boolean"
+ },
+ "ext_assigned_plans": {
+ "type": "boolean"
+ },
+ "ext_profile": {
+ "type": "boolean"
+ },
+ "disable_self_service_change_password": {
+ "type": "boolean"
+ },
+ "upstream_params": {
+ "$ref": "#/components/schemas/ConnectionUpstreamParams"
+ },
+ "set_user_root_attributes": {
+ "$ref": "#/components/schemas/ConnectionSetUserRootAttributesEnum"
+ },
+ "gateway_authentication": {
+ "$ref": "#/components/schemas/ConnectionGatewayAuthentication"
+ }
+ }
+ },
+ "ConnectionSetUserRootAttributesEnum": {
+ "type": "string",
+ "description": "When using an external IdP, this flag determines whether 'name', 'given_name', 'family_name', 'nickname', and 'picture' attributes are updated. In addition, it also determines whether the user is created when user doesnt exist previously. Possible values are 'on_each_login' (default value, it configures the connection to automatically create the user if necessary and update the root attributes from the external IdP with each user login. When this setting is used, root attributes cannot be independently updated), 'on_first_login' (configures the connection to create the user and set the root attributes on first login only, allowing them to be independently updated thereafter), and 'never_on_login' (configures the connection not to create the user and not to set the root attributes from the external IdP, allowing them to be independently updated).",
+ "default": "on_each_login",
+ "enum": [
+ "on_each_login",
+ "on_first_login",
+ "never_on_login"
+ ]
+ },
+ "ConnectionStrategyEnum": {
+ "type": "string",
+ "enum": [
+ "ad",
+ "adfs",
+ "amazon",
+ "apple",
+ "dropbox",
+ "bitbucket",
+ "aol",
+ "auth0-oidc",
+ "auth0",
+ "baidu",
+ "bitly",
+ "box",
+ "custom",
+ "daccount",
+ "dwolla",
+ "email",
+ "evernote-sandbox",
+ "evernote",
+ "exact",
+ "facebook",
+ "fitbit",
+ "flickr",
+ "github",
+ "google-apps",
+ "google-oauth2",
+ "instagram",
+ "ip",
+ "line",
+ "linkedin",
+ "miicard",
+ "oauth1",
+ "oauth2",
+ "office365",
+ "oidc",
+ "okta",
+ "paypal",
+ "paypal-sandbox",
+ "pingfederate",
+ "planningcenter",
+ "renren",
+ "salesforce-community",
+ "salesforce-sandbox",
+ "salesforce",
+ "samlp",
+ "sharepoint",
+ "shopify",
+ "shop",
+ "sms",
+ "soundcloud",
+ "thecity-sandbox",
+ "thecity",
+ "thirtysevensignals",
+ "twitter",
+ "untappd",
+ "vkontakte",
+ "waad",
+ "weibo",
+ "windowslive",
+ "wordpress",
+ "yahoo",
+ "yammer",
+ "yandex",
+ "auth0-adldap"
+ ]
+ },
+ "ConnectionUpstreamParams": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Options for adding parameters in the request to the upstream IdP",
+ "additionalProperties": true
+ },
+ "ConnectionUsernameValidationOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "additionalProperties": false,
+ "required": [
+ "max",
+ "min"
+ ],
+ "properties": {
+ "min": {
+ "type": "integer"
+ },
+ "max": {
+ "type": "integer"
+ }
+ }
+ },
+ "ConnectionValidationOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Options for validation",
+ "additionalProperties": false,
+ "properties": {
+ "username": {
+ "$ref": "#/components/schemas/ConnectionUsernameValidationOptions"
+ }
+ }
+ },
+ "ConnectionsMetadata": {
+ "type": "object",
+ "description": "Metadata associated with the connection in the form of an object with string values (max 255 chars). Maximum of 10 metadata properties allowed.",
+ "additionalProperties": true
+ },
+ "CreateActionRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "supported_triggers"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of an action.",
+ "default": "my-action"
+ },
+ "supported_triggers": {
+ "type": "array",
+ "description": "The list of triggers that this action supports. At this time, an action can only target a single trigger at a time.",
+ "items": {
+ "$ref": "#/components/schemas/ActionTrigger"
+ }
+ },
+ "code": {
+ "type": "string",
+ "description": "The source code of the action.",
+ "default": "module.exports = () => {}"
+ },
+ "dependencies": {
+ "type": "array",
+ "description": "The list of third party npm modules, and their versions, that this action depends on.",
+ "items": {
+ "$ref": "#/components/schemas/ActionVersionDependency"
+ }
+ },
+ "runtime": {
+ "type": "string",
+ "description": "The Node runtime. For example: `node22`, defaults to `node22`",
+ "default": "node22"
+ },
+ "secrets": {
+ "type": "array",
+ "description": "The list of secrets that are included in an action or a version of an action.",
+ "items": {
+ "$ref": "#/components/schemas/ActionSecretRequest"
+ }
+ },
+ "deploy": {
+ "type": "boolean",
+ "description": "True if the action should be deployed after creation.",
+ "default": false
+ }
+ }
+ },
+ "CreateActionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique ID of the action.",
+ "default": "910b1053-577f-4d81-a8c8-020e7319a38a"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of an action.",
+ "default": "my-action"
+ },
+ "supported_triggers": {
+ "type": "array",
+ "description": "The list of triggers that this action supports. At this time, an action can only target a single trigger at a time.",
+ "items": {
+ "$ref": "#/components/schemas/ActionTrigger"
+ }
+ },
+ "all_changes_deployed": {
+ "type": "boolean",
+ "description": "True if all of an Action's contents have been deployed.",
+ "default": false
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this action was created.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when this action was updated.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "code": {
+ "type": "string",
+ "description": "The source code of the action.",
+ "default": "module.exports = () => {}"
+ },
+ "dependencies": {
+ "type": "array",
+ "description": "The list of third party npm modules, and their versions, that this action depends on.",
+ "items": {
+ "$ref": "#/components/schemas/ActionVersionDependency"
+ }
+ },
+ "runtime": {
+ "type": "string",
+ "description": "The Node runtime. For example: `node22`, defaults to `node22`",
+ "default": "node22"
+ },
+ "secrets": {
+ "type": "array",
+ "description": "The list of secrets that are included in an action or a version of an action.",
+ "items": {
+ "$ref": "#/components/schemas/ActionSecretResponse"
+ }
+ },
+ "deployed_version": {
+ "$ref": "#/components/schemas/ActionDeployedVersion"
+ },
+ "installed_integration_id": {
+ "type": "string",
+ "description": "installed_integration_id is the fk reference to the InstalledIntegration entity.",
+ "default": "7d2bc0c9-c0c2-433a-9f4e-86ef80270aad"
+ },
+ "integration": {
+ "$ref": "#/components/schemas/Integration"
+ },
+ "status": {
+ "$ref": "#/components/schemas/ActionBuildStatusEnum"
+ },
+ "built_at": {
+ "type": "string",
+ "description": "The time when this action was built successfully.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "deploy": {
+ "type": "boolean",
+ "description": "True if the action should be deployed after creation.",
+ "default": false
+ }
+ }
+ },
+ "CreateBrandingPhoneProviderRequestContent": {
+ "type": "object",
+ "description": "Phone provider configuration schema",
+ "additionalProperties": true,
+ "required": [
+ "name",
+ "credentials"
+ ],
+ "properties": {
+ "name": {
+ "$ref": "#/components/schemas/PhoneProviderNameEnum"
+ },
+ "disabled": {
+ "type": "boolean",
+ "description": "Whether the provider is enabled (false) or disabled (true)."
+ },
+ "configuration": {
+ "$ref": "#/components/schemas/PhoneProviderConfiguration"
+ },
+ "credentials": {
+ "$ref": "#/components/schemas/PhoneProviderCredentials"
+ }
+ }
+ },
+ "CreateBrandingPhoneProviderResponseContent": {
+ "type": "object",
+ "description": "Phone provider configuration schema",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "credentials"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "tenant": {
+ "type": "string",
+ "description": "The name of the tenant",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "name": {
+ "$ref": "#/components/schemas/PhoneProviderNameEnum"
+ },
+ "channel": {
+ "$ref": "#/components/schemas/PhoneProviderChannelEnum"
+ },
+ "disabled": {
+ "type": "boolean",
+ "description": "Whether the provider is enabled (false) or disabled (true)."
+ },
+ "configuration": {
+ "$ref": "#/components/schemas/PhoneProviderConfiguration"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The provider's creation date and time in ISO 8601 format",
+ "maxLength": 27,
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The date and time of the last update to the provider in ISO 8601 format",
+ "maxLength": 27,
+ "format": "date-time"
+ }
+ }
+ },
+ "CreateBrandingThemeRequestContent": {
+ "type": "object",
+ "description": "Branding theme",
+ "additionalProperties": false,
+ "required": [
+ "borders",
+ "colors",
+ "fonts",
+ "page_background",
+ "widget"
+ ],
+ "properties": {
+ "borders": {
+ "$ref": "#/components/schemas/BrandingThemeBorders"
+ },
+ "colors": {
+ "$ref": "#/components/schemas/BrandingThemeColors"
+ },
+ "displayName": {
+ "type": "string",
+ "description": "Display Name",
+ "maxLength": 2048
+ },
+ "fonts": {
+ "$ref": "#/components/schemas/BrandingThemeFonts"
+ },
+ "page_background": {
+ "$ref": "#/components/schemas/BrandingThemePageBackground"
+ },
+ "widget": {
+ "$ref": "#/components/schemas/BrandingThemeWidget"
+ }
+ }
+ },
+ "CreateBrandingThemeResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "borders",
+ "colors",
+ "displayName",
+ "fonts",
+ "page_background",
+ "themeId",
+ "widget"
+ ],
+ "properties": {
+ "borders": {
+ "$ref": "#/components/schemas/BrandingThemeBorders"
+ },
+ "colors": {
+ "$ref": "#/components/schemas/BrandingThemeColors"
+ },
+ "displayName": {
+ "type": "string",
+ "description": "Display Name",
+ "maxLength": 2048
+ },
+ "fonts": {
+ "$ref": "#/components/schemas/BrandingThemeFonts"
+ },
+ "page_background": {
+ "$ref": "#/components/schemas/BrandingThemePageBackground"
+ },
+ "themeId": {
+ "type": "string",
+ "description": "Theme Id",
+ "maxLength": 32
+ },
+ "widget": {
+ "$ref": "#/components/schemas/BrandingThemeWidget"
+ }
+ }
+ },
+ "CreateClientGrantRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "client_id",
+ "audience",
+ "scope"
+ ],
+ "properties": {
+ "client_id": {
+ "type": "string",
+ "description": "ID of the client."
+ },
+ "audience": {
+ "type": "string",
+ "description": "The audience (API identifier) of this client grant",
+ "minLength": 1
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientGrantOrganizationUsageEnum"
+ },
+ "allow_any_organization": {
+ "type": "boolean",
+ "description": "If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations.",
+ "default": false
+ },
+ "scope": {
+ "type": "array",
+ "description": "Scopes allowed for this client grant.",
+ "items": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 280
+ }
+ },
+ "subject_type": {
+ "$ref": "#/components/schemas/ClientGrantSubjectTypeEnum"
+ },
+ "authorization_details_types": {
+ "type": "array",
+ "description": "Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta’s Master Subscription Agreement.",
+ "x-release-lifecycle": "EA",
+ "items": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ }
+ }
+ }
+ },
+ "CreateClientGrantResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of the client grant."
+ },
+ "client_id": {
+ "type": "string",
+ "description": "ID of the client."
+ },
+ "audience": {
+ "type": "string",
+ "description": "The audience (API identifier) of this client grant.",
+ "minLength": 1
+ },
+ "scope": {
+ "type": "array",
+ "description": "Scopes allowed for this client grant.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientGrantOrganizationUsageEnum"
+ },
+ "allow_any_organization": {
+ "type": "boolean",
+ "description": "If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."
+ },
+ "is_system": {
+ "type": "boolean",
+ "description": "If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."
+ },
+ "subject_type": {
+ "$ref": "#/components/schemas/ClientGrantSubjectTypeEnum"
+ },
+ "authorization_details_types": {
+ "type": "array",
+ "description": "Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta’s Master Subscription Agreement.",
+ "x-release-lifecycle": "EA",
+ "items": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ }
+ }
+ }
+ },
+ "CreateClientRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of this client (min length: 1 character, does not allow `<` or `>`)."
+ },
+ "description": {
+ "type": "string",
+ "description": "Free text description of this client (max length: 140 characters).",
+ "maxLength": 140
+ },
+ "logo_uri": {
+ "type": "string",
+ "description": "URL of the logo to display for this client. Recommended size is 150x150 pixels.",
+ "format": "absolute-uri-or-empty"
+ },
+ "callbacks": {
+ "type": "array",
+ "description": "Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication.",
+ "items": {
+ "type": "string",
+ "format": "callback-url"
+ }
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSettings"
+ },
+ "oidc_backchannel_logout": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSettings"
+ },
+ "session_transfer": {
+ "$ref": "#/components/schemas/ClientSessionTransferConfiguration"
+ },
+ "allowed_origins": {
+ "type": "array",
+ "description": "Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.",
+ "items": {
+ "type": "string",
+ "format": "url-with-placeholders"
+ }
+ },
+ "web_origins": {
+ "type": "array",
+ "description": "Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.",
+ "items": {
+ "type": "string",
+ "format": "url-with-placeholders"
+ }
+ },
+ "client_aliases": {
+ "type": "array",
+ "description": "List of audiences/realms for SAML protocol. Used by the wsfed addon.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "allowed_clients": {
+ "type": "array",
+ "description": "List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.",
+ "items": {
+ "type": "string",
+ "format": "url-with-placeholders"
+ }
+ },
+ "grant_types": {
+ "type": "array",
+ "description": "List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "token_endpoint_auth_method": {
+ "$ref": "#/components/schemas/ClientTokenEndpointAuthMethodEnum"
+ },
+ "app_type": {
+ "$ref": "#/components/schemas/ClientAppTypeEnum"
+ },
+ "is_first_party": {
+ "type": "boolean",
+ "description": "Whether this client a first party client or not",
+ "default": true
+ },
+ "oidc_conformant": {
+ "type": "boolean",
+ "description": "Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false).",
+ "default": false
+ },
+ "jwt_configuration": {
+ "$ref": "#/components/schemas/ClientJwtConfiguration"
+ },
+ "encryption_key": {
+ "$ref": "#/components/schemas/ClientEncryptionKey"
+ },
+ "sso": {
+ "type": "boolean",
+ "description": "Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false)."
+ },
+ "cross_origin_authentication": {
+ "type": "boolean",
+ "description": "Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false).",
+ "default": false
+ },
+ "cross_origin_loc": {
+ "type": "string",
+ "description": "URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page.",
+ "format": "url"
+ },
+ "sso_disabled": {
+ "type": "boolean",
+ "description": "true to disable Single Sign On, false otherwise (default: false)"
+ },
+ "custom_login_page_on": {
+ "type": "boolean",
+ "description": "true if the custom login page is to be used, false otherwise. Defaults to true"
+ },
+ "custom_login_page": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page.",
+ "minLength": 1
+ },
+ "custom_login_page_preview": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page. (Used on Previews)",
+ "minLength": 1
+ },
+ "form_template": {
+ "type": "string",
+ "description": "HTML form template to be used for WS-Federation.",
+ "minLength": 1
+ },
+ "addons": {
+ "$ref": "#/components/schemas/ClientAddons"
+ },
+ "client_metadata": {
+ "$ref": "#/components/schemas/ClientMetadata"
+ },
+ "mobile": {
+ "$ref": "#/components/schemas/ClientMobile"
+ },
+ "initiate_login_uri": {
+ "type": "string",
+ "description": "Initiate login uri, must be https",
+ "format": "absolute-https-uri-or-empty"
+ },
+ "native_social_login": {
+ "$ref": "#/components/schemas/NativeSocialLogin"
+ },
+ "refresh_token": {
+ "$ref": "#/components/schemas/ClientRefreshTokenConfiguration"
+ },
+ "default_organization": {
+ "$ref": "#/components/schemas/ClientDefaultOrganization"
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientOrganizationUsageEnum"
+ },
+ "organization_require_behavior": {
+ "$ref": "#/components/schemas/ClientOrganizationRequireBehaviorEnum"
+ },
+ "client_authentication_methods": {
+ "$ref": "#/components/schemas/ClientCreateAuthenticationMethod"
+ },
+ "require_pushed_authorization_requests": {
+ "type": "boolean",
+ "description": "Makes the use of Pushed Authorization Requests mandatory for this client",
+ "default": false
+ },
+ "require_proof_of_possession": {
+ "type": "boolean",
+ "description": "Makes the use of Proof-of-Possession mandatory for this client",
+ "default": false
+ },
+ "signed_request_object": {
+ "$ref": "#/components/schemas/ClientSignedRequestObjectWithPublicKey"
+ },
+ "compliance_level": {
+ "$ref": "#/components/schemas/ClientComplianceLevelEnum"
+ },
+ "par_request_expiry": {
+ "type": [
+ "integer",
+ "null"
+ ],
+ "description": "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/CreateTokenQuota"
+ },
+ "resource_server_identifier": {
+ "type": "string",
+ "description": "The identifier of the resource server that this client is linked to.",
+ "minLength": 1,
+ "maxLength": 600
+ }
+ }
+ },
+ "CreateClientResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "client_id": {
+ "type": "string",
+ "description": "ID of this client.",
+ "default": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"
+ },
+ "tenant": {
+ "type": "string",
+ "description": "Name of the tenant this client belongs to.",
+ "default": ""
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this client (min length: 1 character, does not allow `<` or `>`).",
+ "default": "My application"
+ },
+ "description": {
+ "type": "string",
+ "description": "Free text description of this client (max length: 140 characters).",
+ "default": ""
+ },
+ "global": {
+ "type": "boolean",
+ "description": "Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false).",
+ "default": false
+ },
+ "client_secret": {
+ "type": "string",
+ "description": "Client secret (which you must not make public).",
+ "default": "MG_TNT2ver-SylNat-_VeMmd-4m0Waba0jr1troztBniSChEw0glxEmgEi2Kw40H"
+ },
+ "app_type": {
+ "$ref": "#/components/schemas/ClientAppTypeEnum"
+ },
+ "logo_uri": {
+ "type": "string",
+ "description": "URL of the logo to display for this client. Recommended size is 150x150 pixels."
+ },
+ "is_first_party": {
+ "type": "boolean",
+ "description": "Whether this client a first party client (true) or not (false).",
+ "default": false
+ },
+ "oidc_conformant": {
+ "type": "boolean",
+ "description": "Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false).",
+ "default": false
+ },
+ "callbacks": {
+ "type": "array",
+ "description": "Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_origins": {
+ "type": "array",
+ "description": "Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "web_origins": {
+ "type": "array",
+ "description": "Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "client_aliases": {
+ "type": "array",
+ "description": "List of audiences/realms for SAML protocol. Used by the wsfed addon.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_clients": {
+ "type": "array",
+ "description": "List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "session_transfer": {
+ "$ref": "#/components/schemas/ClientSessionTransferConfiguration"
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSettings"
+ },
+ "grant_types": {
+ "type": "array",
+ "description": "List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "jwt_configuration": {
+ "$ref": "#/components/schemas/ClientJwtConfiguration"
+ },
+ "signing_keys": {
+ "$ref": "#/components/schemas/ClientSigningKeys"
+ },
+ "encryption_key": {
+ "$ref": "#/components/schemas/ClientEncryptionKey"
+ },
+ "sso": {
+ "type": "boolean",
+ "description": "Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false).",
+ "default": false
+ },
+ "sso_disabled": {
+ "type": "boolean",
+ "description": "Whether Single Sign On is disabled (true) or enabled (true). Defaults to true.",
+ "default": false
+ },
+ "cross_origin_authentication": {
+ "type": "boolean",
+ "description": "Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."
+ },
+ "cross_origin_loc": {
+ "type": "string",
+ "description": "URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page.",
+ "format": "url"
+ },
+ "custom_login_page_on": {
+ "type": "boolean",
+ "description": "Whether a custom login page is to be used (true) or the default provided login page (false).",
+ "default": true
+ },
+ "custom_login_page": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page.",
+ "default": ""
+ },
+ "custom_login_page_preview": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page. (Used on Previews)",
+ "default": ""
+ },
+ "form_template": {
+ "type": "string",
+ "description": "HTML form template to be used for WS-Federation.",
+ "default": ""
+ },
+ "addons": {
+ "$ref": "#/components/schemas/ClientAddons"
+ },
+ "token_endpoint_auth_method": {
+ "$ref": "#/components/schemas/ClientTokenEndpointAuthMethodEnum"
+ },
+ "client_metadata": {
+ "$ref": "#/components/schemas/ClientMetadata"
+ },
+ "mobile": {
+ "$ref": "#/components/schemas/ClientMobile"
+ },
+ "initiate_login_uri": {
+ "type": "string",
+ "description": "Initiate login uri, must be https",
+ "format": "absolute-https-uri-or-empty"
+ },
+ "native_social_login": {},
+ "refresh_token": {
+ "$ref": "#/components/schemas/ClientRefreshTokenConfiguration"
+ },
+ "default_organization": {
+ "$ref": "#/components/schemas/ClientDefaultOrganization"
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientOrganizationUsageEnum"
+ },
+ "organization_require_behavior": {
+ "$ref": "#/components/schemas/ClientOrganizationRequireBehaviorEnum"
+ },
+ "client_authentication_methods": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethod"
+ },
+ "require_pushed_authorization_requests": {
+ "type": "boolean",
+ "description": "Makes the use of Pushed Authorization Requests mandatory for this client",
+ "default": false
+ },
+ "require_proof_of_possession": {
+ "type": "boolean",
+ "description": "Makes the use of Proof-of-Possession mandatory for this client",
+ "default": false
+ },
+ "signed_request_object": {
+ "$ref": "#/components/schemas/ClientSignedRequestObjectWithCredentialId"
+ },
+ "compliance_level": {
+ "$ref": "#/components/schemas/ClientComplianceLevelEnum"
+ },
+ "par_request_expiry": {
+ "type": [
+ "integer",
+ "null"
+ ],
+ "description": "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/TokenQuota"
+ }
+ }
+ },
+ "CreateConnectionRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "strategy"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the connection. Must start and end with an alphanumeric character and can only contain alphanumeric characters and '-'. Max length 128",
+ "maxLength": 128
+ },
+ "display_name": {
+ "type": "string",
+ "description": "Connection name used in the new universal login experience",
+ "maxLength": 128
+ },
+ "strategy": {
+ "$ref": "#/components/schemas/ConnectionIdentityProviderEnum"
+ },
+ "options": {
+ "$ref": "#/components/schemas/ConnectionPropertiesOptions"
+ },
+ "enabled_clients": {
+ "type": "array",
+ "description": "DEPRECATED property. Use the PATCH /v2/connections/{id}/clients endpoint to enable the connection for a set of clients.",
+ "x-release-lifecycle": "deprecated",
+ "items": {
+ "type": "string",
+ "description": "The id of the client to for which the connection is to be enabled. ",
+ "format": "client-id"
+ }
+ },
+ "is_domain_connection": {
+ "type": "boolean",
+ "description": "true promotes to a domain-level connection so that third-party applications can use it. false does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to false.)"
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to false.)"
+ },
+ "realms": {
+ "type": "array",
+ "description": "Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm.",
+ "items": {
+ "type": "string",
+ "description": "The realm where this connection belongs",
+ "format": "connection-realm"
+ }
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/ConnectionsMetadata"
+ }
+ }
+ },
+ "CreateConnectionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the connection",
+ "default": "My connection"
+ },
+ "display_name": {
+ "type": "string",
+ "description": "Connection name used in login screen"
+ },
+ "options": {
+ "$ref": "#/components/schemas/ConnectionOptions"
+ },
+ "id": {
+ "type": "string",
+ "description": "The connection's identifier",
+ "default": "con_0000000000000001"
+ },
+ "strategy": {
+ "type": "string",
+ "description": "The type of the connection, related to the identity provider",
+ "default": "auth0"
+ },
+ "realms": {
+ "type": "array",
+ "description": "Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm.",
+ "items": {
+ "type": "string",
+ "description": "The realm where this connection belongs",
+ "format": "connection-realm"
+ }
+ },
+ "enabled_clients": {
+ "type": "array",
+ "description": "DEPRECATED property. Use the GET /connections/:id/clients endpoint to get the ids of the clients for which the connection is enabled",
+ "x-release-lifecycle": "deprecated",
+ "items": {
+ "type": "string",
+ "description": "The client id"
+ }
+ },
+ "is_domain_connection": {
+ "type": "boolean",
+ "description": "True if the connection is domain level"
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD."
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/ConnectionsMetadata"
+ }
+ }
+ },
+ "CreateCustomDomainRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "domain",
+ "type"
+ ],
+ "properties": {
+ "domain": {
+ "type": "string",
+ "description": "Domain name."
+ },
+ "type": {
+ "$ref": "#/components/schemas/CustomDomainProvisioningTypeEnum"
+ },
+ "verification_method": {
+ "$ref": "#/components/schemas/CustomDomainVerificationMethodEnum"
+ },
+ "tls_policy": {
+ "$ref": "#/components/schemas/CustomDomainTlsPolicyEnum"
+ },
+ "custom_client_ip_header": {
+ "$ref": "#/components/schemas/CustomDomainCustomClientIpHeader"
+ }
+ }
+ },
+ "CreateCustomDomainResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "custom_domain_id",
+ "domain",
+ "primary",
+ "status",
+ "type",
+ "verification"
+ ],
+ "properties": {
+ "custom_domain_id": {
+ "type": "string",
+ "description": "ID of the custom domain.",
+ "default": "cd_0000000000000001"
+ },
+ "domain": {
+ "type": "string",
+ "description": "Domain name.",
+ "default": "login.mycompany.com"
+ },
+ "primary": {
+ "type": "boolean",
+ "description": "Whether this is a primary domain (true) or not (false).",
+ "default": false
+ },
+ "type": {
+ "$ref": "#/components/schemas/CustomDomainTypeEnum"
+ },
+ "verification": {
+ "$ref": "#/components/schemas/DomainVerification"
+ },
+ "custom_client_ip_header": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "The HTTP header to fetch the client's IP address"
+ },
+ "tls_policy": {
+ "type": "string",
+ "description": "The TLS version policy",
+ "default": "recommended"
+ }
+ }
+ },
+ "CreateEmailProviderRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "credentials"
+ ],
+ "properties": {
+ "name": {
+ "$ref": "#/components/schemas/EmailProviderNameEnum"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether the provider is enabled (true) or disabled (false).",
+ "default": true
+ },
+ "default_from_address": {
+ "type": "string",
+ "description": "Email address to use as \"from\" when no other address specified."
+ },
+ "credentials": {
+ "$ref": "#/components/schemas/EmailProviderCredentialsSchema"
+ },
+ "settings": {
+ "$ref": "#/components/schemas/EmailSpecificProviderSettingsWithAdditionalProperties"
+ }
+ }
+ },
+ "CreateEmailProviderResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`.",
+ "default": "sendgrid"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether the provider is enabled (true) or disabled (false).",
+ "default": true
+ },
+ "default_from_address": {
+ "type": "string",
+ "description": "Email address to use as \"from\" when no other address specified."
+ },
+ "credentials": {
+ "$ref": "#/components/schemas/EmailProviderCredentials"
+ },
+ "settings": {
+ "$ref": "#/components/schemas/EmailProviderSettings"
+ }
+ }
+ },
+ "CreateEmailTemplateRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "template",
+ "body",
+ "from",
+ "subject",
+ "syntax",
+ "enabled"
+ ],
+ "properties": {
+ "template": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ },
+ "body": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Body of the email template."
+ },
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Senders `from` email address.",
+ "default": "sender@auth0.com"
+ },
+ "resultUrl": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL to redirect the user to after a successful action."
+ },
+ "subject": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Subject line of the email."
+ },
+ "syntax": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Syntax of the template body.",
+ "default": "liquid"
+ },
+ "urlLifetimeInSeconds": {
+ "type": [
+ "number",
+ "null"
+ ],
+ "description": "Lifetime in seconds that the link within the email will be valid for."
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true."
+ },
+ "enabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether the template is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "CreateEmailTemplateResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "template",
+ "body",
+ "from",
+ "subject",
+ "syntax",
+ "enabled"
+ ],
+ "properties": {
+ "template": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ },
+ "body": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Body of the email template."
+ },
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Senders `from` email address.",
+ "default": "sender@auth0.com"
+ },
+ "resultUrl": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL to redirect the user to after a successful action."
+ },
+ "subject": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Subject line of the email."
+ },
+ "syntax": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Syntax of the template body.",
+ "default": "liquid"
+ },
+ "urlLifetimeInSeconds": {
+ "type": [
+ "number",
+ "null"
+ ],
+ "description": "Lifetime in seconds that the link within the email will be valid for."
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true."
+ },
+ "enabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether the template is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "CreateEncryptionKeyPublicWrappingResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "public_key",
+ "algorithm"
+ ],
+ "properties": {
+ "public_key": {
+ "type": "string",
+ "description": "Public wrapping key in PEM format"
+ },
+ "algorithm": {
+ "$ref": "#/components/schemas/EncryptionKeyPublicWrappingAlgorithm"
+ }
+ }
+ },
+ "CreateEncryptionKeyRequestContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "type"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/CreateEncryptionKeyType"
+ }
+ }
+ },
+ "CreateEncryptionKeyResponseContent": {
+ "type": "object",
+ "description": "Encryption key",
+ "additionalProperties": false,
+ "required": [
+ "kid",
+ "type",
+ "state",
+ "created_at",
+ "updated_at",
+ "parent_kid"
+ ],
+ "properties": {
+ "kid": {
+ "type": "string",
+ "description": "Key ID"
+ },
+ "type": {
+ "$ref": "#/components/schemas/EncryptionKeyType"
+ },
+ "state": {
+ "$ref": "#/components/schemas/EncryptionKeyState"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Key creation timestamp",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "Key update timestamp",
+ "format": "date-time"
+ },
+ "parent_kid": {
+ "type": "string",
+ "description": "ID of parent wrapping key"
+ },
+ "public_key": {
+ "type": "string",
+ "description": "Public key in PEM format"
+ }
+ }
+ },
+ "CreateEncryptionKeyType": {
+ "type": "string",
+ "description": "Type of the encryption key to be created.",
+ "enum": [
+ "customer-provided-root-key",
+ "tenant-encryption-key"
+ ]
+ },
+ "CreateEventStreamActionRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "destination"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the event stream.",
+ "minLength": 1,
+ "maxLength": 128
+ },
+ "subscriptions": {
+ "type": "array",
+ "description": "List of event types subscribed to in this stream.",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamSubscription"
+ }
+ },
+ "destination": {
+ "$ref": "#/components/schemas/EventStreamActionDestination"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamStatusEnum"
+ }
+ }
+ },
+ "CreateEventStreamEventBridgeRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "destination"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the event stream.",
+ "minLength": 1,
+ "maxLength": 128
+ },
+ "subscriptions": {
+ "type": "array",
+ "description": "List of event types subscribed to in this stream.",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamSubscription"
+ }
+ },
+ "destination": {
+ "$ref": "#/components/schemas/EventStreamEventBridgeDestination"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamStatusEnum"
+ }
+ }
+ },
+ "CreateEventStreamRedeliveryRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "date_from": {
+ "type": "string",
+ "description": "An RFC-3339 date-time for redelivery start, inclusive. Does not allow sub-second precision.",
+ "maxLength": 20,
+ "format": "date-time"
+ },
+ "date_to": {
+ "type": "string",
+ "description": "An RFC-3339 date-time for redelivery end, exclusive. Does not allow sub-second precision.",
+ "maxLength": 20,
+ "format": "date-time"
+ },
+ "statuses": {
+ "type": "array",
+ "description": "Filter by status",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamDeliveryStatusEnum"
+ }
+ },
+ "event_types": {
+ "type": "array",
+ "description": "Filter by event type",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamEventTypeEnum"
+ }
+ }
+ }
+ },
+ "CreateEventStreamRedeliveryResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "date_from": {
+ "type": "string",
+ "description": "An RFC-3339 date-time for redelivery start, inclusive. Does not allow sub-second precision.",
+ "maxLength": 20,
+ "format": "date-time"
+ },
+ "date_to": {
+ "type": "string",
+ "description": "An RFC-3339 date-time for redelivery end, exclusive. Does not allow sub-second precision.",
+ "maxLength": 20,
+ "format": "date-time"
+ },
+ "statuses": {
+ "type": "array",
+ "description": "Filter by status",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamDeliveryStatusEnum"
+ }
+ },
+ "event_types": {
+ "type": "array",
+ "description": "Filter by event type",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamEventTypeEnum"
+ }
+ }
+ }
+ },
+ "CreateEventStreamResponseContent": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/EventStreamWebhookResponseContent"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamEventBridgeResponseContent"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamActionResponseContent"
+ }
+ ]
+ },
+ "CreateEventStreamTestEventRequestContent": {
+ "type": "object",
+ "description": "The payload for sending a test event to an event stream.",
+ "additionalProperties": false,
+ "required": [
+ "event_type"
+ ],
+ "properties": {
+ "event_type": {
+ "$ref": "#/components/schemas/EventStreamTestEventTypeEnum"
+ },
+ "data": {
+ "$ref": "#/components/schemas/TestEventDataContent"
+ }
+ }
+ },
+ "CreateEventStreamTestEventResponseContent": {
+ "type": "object",
+ "description": "Metadata about a specific attempt to deliver an event",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "event_stream_id",
+ "status",
+ "event_type",
+ "attempts"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Unique identifier for the delivery"
+ },
+ "event_stream_id": {
+ "type": "string",
+ "description": "Unique identifier for the event stream.",
+ "minLength": 26,
+ "maxLength": 26,
+ "format": "event-stream-id"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamDeliveryStatusEnum"
+ },
+ "event_type": {
+ "$ref": "#/components/schemas/EventStreamDeliveryEventTypeEnum"
+ },
+ "attempts": {
+ "type": "array",
+ "description": "Results of delivery attempts",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamDeliveryAttempt"
+ }
+ },
+ "event": {
+ "$ref": "#/components/schemas/EventStreamCloudEvent"
+ }
+ }
+ },
+ "CreateEventStreamWebHookRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "destination"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the event stream.",
+ "minLength": 1,
+ "maxLength": 128
+ },
+ "subscriptions": {
+ "type": "array",
+ "description": "List of event types subscribed to in this stream.",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamSubscription"
+ }
+ },
+ "destination": {
+ "$ref": "#/components/schemas/EventStreamWebhookDestination"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamStatusEnum"
+ }
+ }
+ },
+ "CreateExportUsersFields": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the field in the profile.",
+ "maxLength": 100
+ },
+ "export_as": {
+ "type": "string",
+ "description": "Title of the column in the exported CSV.",
+ "maxLength": 100
+ }
+ }
+ },
+ "CreateExportUsersRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "description": "connection_id of the connection from which users will be exported.",
+ "default": "con_0000000000000001"
+ },
+ "format": {
+ "$ref": "#/components/schemas/JobFileFormatEnum"
+ },
+ "limit": {
+ "type": "integer",
+ "description": "Limit the number of records.",
+ "default": 5
+ },
+ "fields": {
+ "type": "array",
+ "description": "List of fields to be included in the CSV. Defaults to a predefined set of fields.",
+ "items": {
+ "$ref": "#/components/schemas/CreateExportUsersFields"
+ }
+ }
+ }
+ },
+ "CreateExportUsersResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "id",
+ "type",
+ "status",
+ "connection"
+ ],
+ "properties": {
+ "status": {
+ "type": "string",
+ "description": "Status of this job.",
+ "default": "pending"
+ },
+ "type": {
+ "type": "string",
+ "description": "Type of job this is.",
+ "default": "users_export"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "When this job was created."
+ },
+ "id": {
+ "type": "string",
+ "description": "ID of this job.",
+ "default": "job_0000000000000001"
+ },
+ "connection_id": {
+ "type": "string",
+ "description": "connection_id of the connection from which users will be exported.",
+ "default": "con_0000000000000001"
+ },
+ "format": {
+ "$ref": "#/components/schemas/JobFileFormatEnum"
+ },
+ "limit": {
+ "type": "integer",
+ "description": "Limit the number of records.",
+ "default": 5
+ },
+ "fields": {
+ "type": "array",
+ "description": "List of fields to be included in the CSV. Defaults to a predefined set of fields.",
+ "items": {
+ "$ref": "#/components/schemas/CreateExportUsersFields"
+ }
+ }
+ }
+ },
+ "CreateFlowRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "actions": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowAction"
+ }
+ }
+ }
+ },
+ "CreateFlowResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "name",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flow-id"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "actions": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowAction"
+ }
+ },
+ "created_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "executed_at": {
+ "type": "string",
+ "format": "date"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionActivecampaign": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionActivecampaignApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionActivecampaignUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionActivecampaignApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdActivecampaignEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupApiKeyWithBaseUrl"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionActivecampaignUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdActivecampaignEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionAirtable": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionAirtableApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionAirtableUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionAirtableApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdAirtableEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupApiKey"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionAirtableUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdAirtableEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionAuth0": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionAuth0OauthApp"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionAuth0Uninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionAuth0OauthApp": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdAuth0Enum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthApp"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionAuth0Uninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdAuth0Enum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionBigquery": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionBigqueryJwt"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionBigqueryUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionBigqueryJwt": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdBigqueryEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupBigqueryOauthJwt"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionBigqueryUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdBigqueryEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionClearbit": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionClearbitApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionClearbitUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionClearbitApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdClearbitEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupSecretApiKey"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionClearbitUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdClearbitEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionDocusign": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionDocusignOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionDocusignUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionDocusignOauthCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdDocusignEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionDocusignUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdDocusignEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionGoogleSheets": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionGoogleSheetsOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionGoogleSheetsUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionGoogleSheetsOauthCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdGoogleSheetsEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionGoogleSheetsUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdGoogleSheetsEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionHttp": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionHttpBearer"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionHttpUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionHttpBearer": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdHttpEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupHttpBearer"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionHttpUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdHttpEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionHubspot": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionHubspotApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionHubspotOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionHubspotUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionHubspotApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdHubspotEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupApiKey"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionHubspotOauthCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdHubspotEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionHubspotUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdHubspotEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionJwt": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionJwtJwt"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionJwtUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionJwtJwt": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdJwtEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupJwt"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionJwtUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdJwtEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionMailchimp": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionMailchimpApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionMailchimpOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionMailchimpUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionMailchimpApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdMailchimpEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupSecretApiKey"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionMailchimpOauthCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdMailchimpEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionMailchimpUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdMailchimpEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionMailjet": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionMailjetApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionMailjetUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionMailjetApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdMailjetEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupMailjetApiKey"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionMailjetUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdMailjetEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionPipedrive": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionPipedriveToken"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionPipedriveOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionPipedriveUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionPipedriveOauthCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdPipedriveEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionPipedriveToken": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdPipedriveEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupToken"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionPipedriveUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdPipedriveEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionRequestContent": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionActivecampaign"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionAirtable"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionAuth0"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionBigquery"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionClearbit"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionDocusign"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionGoogleSheets"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionHttp"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionHubspot"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionJwt"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionMailchimp"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionMailjet"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionPipedrive"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSalesforce"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSendgrid"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSlack"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionStripe"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionTelegram"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionTwilio"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionWhatsapp"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionZapier"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "app_id",
+ "name",
+ "ready",
+ "created_at",
+ "updated_at",
+ "fingerprint"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Flows Vault Connection identifier.",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "app_id": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55
+ },
+ "environment": {
+ "type": "string",
+ "description": "Flows Vault Connection environment.",
+ "minLength": 1,
+ "maxLength": 55
+ },
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "account_name": {
+ "type": "string",
+ "description": "Flows Vault Connection custom account name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "ready": {
+ "type": "boolean",
+ "description": "Whether the Flows Vault Connection is configured."
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was updated.",
+ "format": "date-time"
+ },
+ "refreshed_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was refreshed.",
+ "format": "date-time"
+ },
+ "fingerprint": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionSalesforce": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSalesforceOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSalesforceUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionSalesforceOauthCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdSalesforceEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionSalesforceUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdSalesforceEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionSendgrid": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSendgridApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSendgridUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionSendgridApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdSendgridEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupApiKey"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionSendgridUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdSendgridEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionSlack": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSlackWebhook"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSlackOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionSlackUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionSlackOauthCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdSlackEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionSlackUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdSlackEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionSlackWebhook": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdSlackEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupWebhook"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionStripe": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionStripeKeyPair"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionStripeOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionStripeUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionStripeKeyPair": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdStripeEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupStripeKeyPair"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionStripeOauthCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdStripeEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionStripeUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdStripeEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionTelegram": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionTelegramToken"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionTelegramUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionTelegramToken": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdTelegramEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupToken"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionTelegramUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdTelegramEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionTwilio": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionTwilioApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionTwilioUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionTwilioApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdTwilioEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTwilioApiKey"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionTwilioUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdTwilioEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionWhatsapp": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionWhatsappToken"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionWhatsappUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionWhatsappToken": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdWhatsappEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupToken"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionWhatsappUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdWhatsappEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionZapier": {
+ "type": "object",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionZapierWebhook"
+ },
+ {
+ "$ref": "#/components/schemas/CreateFlowsVaultConnectionZapierUninitialized"
+ }
+ ]
+ },
+ "CreateFlowsVaultConnectionZapierUninitialized": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdZapierEnum"
+ }
+ }
+ },
+ "CreateFlowsVaultConnectionZapierWebhook": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "app_id",
+ "setup"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "app_id": {
+ "$ref": "#/components/schemas/FlowsVaultConnectionAppIdZapierEnum"
+ },
+ "setup": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupWebhook"
+ }
+ }
+ },
+ "CreateFormRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "messages": {
+ "$ref": "#/components/schemas/FormMessages"
+ },
+ "languages": {
+ "$ref": "#/components/schemas/FormLanguages"
+ },
+ "translations": {
+ "$ref": "#/components/schemas/FormTranslations"
+ },
+ "nodes": {
+ "$ref": "#/components/schemas/FormNodeList"
+ },
+ "start": {
+ "$ref": "#/components/schemas/FormStartNode"
+ },
+ "ending": {
+ "$ref": "#/components/schemas/FormEndingNode"
+ },
+ "style": {
+ "$ref": "#/components/schemas/FormStyle"
+ }
+ }
+ },
+ "CreateFormResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "name",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "form-id"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "messages": {
+ "$ref": "#/components/schemas/FormMessages"
+ },
+ "languages": {
+ "$ref": "#/components/schemas/FormLanguages"
+ },
+ "translations": {
+ "$ref": "#/components/schemas/FormTranslations"
+ },
+ "nodes": {
+ "$ref": "#/components/schemas/FormNodeList"
+ },
+ "start": {
+ "$ref": "#/components/schemas/FormStartNode"
+ },
+ "ending": {
+ "$ref": "#/components/schemas/FormEndingNode"
+ },
+ "style": {
+ "$ref": "#/components/schemas/FormStyle"
+ },
+ "created_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "embedded_at": {
+ "type": "string",
+ "format": "date"
+ },
+ "submitted_at": {
+ "type": "string",
+ "format": "date"
+ }
+ }
+ },
+ "CreateGuardianEnrollmentTicketRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "user_id"
+ ],
+ "properties": {
+ "user_id": {
+ "type": "string",
+ "description": "user_id for the enrollment ticket",
+ "format": "user-id"
+ },
+ "email": {
+ "type": "string",
+ "description": "alternate email to which the enrollment email will be sent. Optional - by default, the email will be sent to the user's default address",
+ "format": "email"
+ },
+ "send_mail": {
+ "type": "boolean",
+ "description": "Send an email to the user to start the enrollment"
+ },
+ "email_locale": {
+ "type": "string",
+ "description": "Optional. Specify the locale of the enrollment email. Used with send_email."
+ },
+ "factor": {
+ "$ref": "#/components/schemas/GuardianEnrollmentFactorEnum"
+ },
+ "allow_multiple_enrollments": {
+ "type": "boolean",
+ "description": "Optional. Allows a user who has previously enrolled in MFA to enroll with additional factors.true if the identity provider is a social provider, falses otherwise"
+ },
+ "access_token": {
+ "type": "string",
+ "description": "IDP access token returned only if scope read:user_idp_tokens is defined"
+ },
+ "access_token_secret": {
+ "type": "string",
+ "description": "IDP access token secret returned only if scope read:user_idp_tokens is defined."
+ },
+ "refresh_token": {
+ "type": "string",
+ "description": "IDP refresh token returned only if scope read:user_idp_tokens is defined."
+ },
+ "profileData": {
+ "$ref": "#/components/schemas/UserProfileData"
+ }
+ }
+ }
+ },
+ "DeleteUserPermissionsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "permissions"
+ ],
+ "properties": {
+ "permissions": {
+ "type": "array",
+ "description": "List of permissions to remove from this user.",
+ "items": {
+ "$ref": "#/components/schemas/PermissionRequestPayload"
+ }
+ }
+ }
+ },
+ "DeleteUserRolesRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "roles"
+ ],
+ "properties": {
+ "roles": {
+ "type": "array",
+ "description": "List of roles IDs to remove from the user.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ }
+ },
+ "DeployActionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique id of an action version.",
+ "default": "12a3b9e6-06e6-4a29-96bf-90c82fe79a0d"
+ },
+ "action_id": {
+ "type": "string",
+ "description": "The id of the action to which this version belongs.",
+ "default": "910b1053-577f-4d81-a8c8-020e7319a38a"
+ },
+ "code": {
+ "type": "string",
+ "description": "The source code of this specific version of the action.",
+ "default": "module.exports = () => {}"
+ },
+ "dependencies": {
+ "type": "array",
+ "description": "The list of third party npm modules, and their versions, that this specific version depends on. ",
+ "items": {
+ "$ref": "#/components/schemas/ActionVersionDependency"
+ }
+ },
+ "deployed": {
+ "type": "boolean",
+ "description": "Indicates if this specific version is the currently one deployed.",
+ "default": true
+ },
+ "runtime": {
+ "type": "string",
+ "description": "The Node runtime. For example: `node22`",
+ "default": "node22"
+ },
+ "secrets": {
+ "type": "array",
+ "description": "The list of secrets that are included in an action or a version of an action.",
+ "items": {
+ "$ref": "#/components/schemas/ActionSecretResponse"
+ }
+ },
+ "status": {
+ "$ref": "#/components/schemas/ActionVersionBuildStatusEnum"
+ },
+ "number": {
+ "type": "number",
+ "description": "The index of this version in list of versions for the action.",
+ "default": 1
+ },
+ "errors": {
+ "type": "array",
+ "description": "Any errors that occurred while the version was being built.",
+ "items": {
+ "$ref": "#/components/schemas/ActionError"
+ }
+ },
+ "action": {
+ "$ref": "#/components/schemas/ActionBase"
+ },
+ "built_at": {
+ "type": "string",
+ "description": "The time when this version was built successfully.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this version was created.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when a version was updated. Versions are never updated externally. Only Auth0 will update an action version as it is being built.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "supported_triggers": {
+ "type": "array",
+ "description": "The list of triggers that this version supports. At this time, a version can only target a single trigger at a time.",
+ "items": {
+ "$ref": "#/components/schemas/ActionTrigger"
+ }
+ }
+ }
+ },
+ "DeployActionVersionRequestBodyParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "update_draft": {
+ "type": "boolean",
+ "description": "True if the draft of the action should be updated with the reverted version.",
+ "default": false
+ }
+ }
+ },
+ "DeployActionVersionRequestContent": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/DeployActionVersionRequestBodyParams"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "DeployActionVersionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique id of an action version.",
+ "default": "12a3b9e6-06e6-4a29-96bf-90c82fe79a0d"
+ },
+ "action_id": {
+ "type": "string",
+ "description": "The id of the action to which this version belongs.",
+ "default": "910b1053-577f-4d81-a8c8-020e7319a38a"
+ },
+ "code": {
+ "type": "string",
+ "description": "The source code of this specific version of the action.",
+ "default": "module.exports = () => {}"
+ },
+ "dependencies": {
+ "type": "array",
+ "description": "The list of third party npm modules, and their versions, that this specific version depends on. ",
+ "items": {
+ "$ref": "#/components/schemas/ActionVersionDependency"
+ }
+ },
+ "deployed": {
+ "type": "boolean",
+ "description": "Indicates if this specific version is the currently one deployed.",
+ "default": true
+ },
+ "runtime": {
+ "type": "string",
+ "description": "The Node runtime. For example: `node22`",
+ "default": "node22"
+ },
+ "secrets": {
+ "type": "array",
+ "description": "The list of secrets that are included in an action or a version of an action.",
+ "items": {
+ "$ref": "#/components/schemas/ActionSecretResponse"
+ }
+ },
+ "status": {
+ "$ref": "#/components/schemas/ActionVersionBuildStatusEnum"
+ },
+ "number": {
+ "type": "number",
+ "description": "The index of this version in list of versions for the action.",
+ "default": 1
+ },
+ "errors": {
+ "type": "array",
+ "description": "Any errors that occurred while the version was being built.",
+ "items": {
+ "$ref": "#/components/schemas/ActionError"
+ }
+ },
+ "action": {
+ "$ref": "#/components/schemas/ActionBase"
+ },
+ "built_at": {
+ "type": "string",
+ "description": "The time when this version was built successfully.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this version was created.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when a version was updated. Versions are never updated externally. Only Auth0 will update an action version as it is being built.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "supported_triggers": {
+ "type": "array",
+ "description": "The list of triggers that this version supports. At this time, a version can only target a single trigger at a time.",
+ "items": {
+ "$ref": "#/components/schemas/ActionTrigger"
+ }
+ }
+ }
+ },
+ "DeviceCredential": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of this device.",
+ "default": "dcr_0000000000000001"
+ },
+ "device_name": {
+ "type": "string",
+ "description": "User agent for this device",
+ "default": "iPhone Mobile Safari UI/WKWebView"
+ },
+ "device_id": {
+ "type": "string",
+ "description": "Unique identifier for the device. NOTE: This field is generally not populated for refresh_tokens and rotating_refresh_tokens",
+ "default": "550e8400-e29b-41d4-a716-446655440000"
+ },
+ "type": {
+ "$ref": "#/components/schemas/DeviceCredentialTypeEnum"
+ },
+ "user_id": {
+ "type": "string",
+ "description": "user_id this credential is associated with.",
+ "default": "usr_5457edea1b8f33391a000004"
+ },
+ "client_id": {
+ "type": "string",
+ "description": "client_id of the client (application) this credential is for.",
+ "default": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"
+ }
+ }
+ },
+ "DeviceCredentialPublicKeyTypeEnum": {
+ "type": "string",
+ "description": "Type of credential. Must be `public_key`.",
+ "enum": [
+ "public_key"
+ ]
+ },
+ "DeviceCredentialTypeEnum": {
+ "type": "string",
+ "description": "Type of credentials to retrieve. Must be `public_key`, `refresh_token` or `rotating_refresh_token`. The property will default to `refresh_token` when paging is requested",
+ "enum": [
+ "public_key",
+ "refresh_token",
+ "rotating_refresh_token"
+ ]
+ },
+ "DomainVerification": {
+ "type": "object",
+ "description": "Domain verification settings.",
+ "additionalProperties": false,
+ "properties": {
+ "methods": {
+ "type": "array",
+ "description": "Domain verification methods.",
+ "items": {
+ "$ref": "#/components/schemas/DomainVerificationMethod"
+ }
+ }
+ }
+ },
+ "DomainVerificationMethod": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "record"
+ ],
+ "properties": {
+ "name": {
+ "$ref": "#/components/schemas/DomainVerificationMethodNameEnum"
+ },
+ "record": {
+ "type": "string",
+ "description": "Value used to verify the domain.",
+ "default": "auth0-domain-verification=..."
+ },
+ "domain": {
+ "type": "string",
+ "description": "The name of the txt record for verification",
+ "default": "_cf-custom-hostname.login.mycompany.com"
+ }
+ }
+ },
+ "DomainVerificationMethodNameEnum": {
+ "type": "string",
+ "description": "Domain verification method.",
+ "default": "txt",
+ "enum": [
+ "cname",
+ "txt"
+ ]
+ },
+ "EmailAttribute": {
+ "type": "object",
+ "description": "Configuration for the email attribute for users.",
+ "additionalProperties": false,
+ "properties": {
+ "identifier": {
+ "$ref": "#/components/schemas/ConnectionAttributeIdentifier"
+ },
+ "profile_required": {
+ "type": "boolean",
+ "description": "Determines if property should be required for users"
+ },
+ "verification_method": {
+ "$ref": "#/components/schemas/VerificationMethodEnum"
+ },
+ "signup": {
+ "$ref": "#/components/schemas/SignupVerified"
+ }
+ }
+ },
+ "EmailMailgunRegionEnum": {
+ "description": "Set to eu if your domain is provisioned to use Mailgun's EU region. Otherwise, set to null.",
+ "enum": [
+ "eu",
+ null
+ ]
+ },
+ "EmailProviderCredentials": {
+ "type": "object",
+ "description": "Credentials required to use the provider.",
+ "additionalProperties": false,
+ "properties": {
+ "api_user": {
+ "type": "string",
+ "description": "API User."
+ },
+ "region": {
+ "type": "string",
+ "description": "AWS or SparkPost region."
+ },
+ "smtp_host": {
+ "type": "string",
+ "description": "SMTP host."
+ },
+ "smtp_port": {
+ "type": "integer",
+ "description": "SMTP port."
+ },
+ "smtp_user": {
+ "type": "string",
+ "description": "SMTP username."
+ }
+ }
+ },
+ "EmailProviderCredentialsSchema": {
+ "type": "object",
+ "description": "Credentials required to use the provider.",
+ "anyOf": [
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "api_key"
+ ],
+ "properties": {
+ "api_key": {
+ "type": "string",
+ "description": "API Key",
+ "minLength": 1
+ }
+ }
+ },
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "accessKeyId": {
+ "type": "string",
+ "description": "AWS Access Key ID.",
+ "minLength": 1
+ },
+ "secretAccessKey": {
+ "type": "string",
+ "description": "AWS Secret Access Key.",
+ "minLength": 1
+ },
+ "region": {
+ "type": "string",
+ "description": "AWS region.",
+ "minLength": 1
+ }
+ }
+ },
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "smtp_host": {
+ "$ref": "#/components/schemas/EmailSMTPHost"
+ },
+ "smtp_port": {
+ "type": "integer",
+ "description": "SMTP port."
+ },
+ "smtp_user": {
+ "type": "string",
+ "description": "SMTP username.",
+ "minLength": 1
+ },
+ "smtp_pass": {
+ "type": "string",
+ "description": "SMTP password.",
+ "minLength": 1
+ }
+ }
+ },
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "api_key": {
+ "type": "string",
+ "description": "API Key",
+ "minLength": 1
+ },
+ "region": {
+ "$ref": "#/components/schemas/EmailSparkPostRegionEnum"
+ }
+ }
+ },
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "api_key": {
+ "type": "string",
+ "description": "API Key",
+ "minLength": 1
+ },
+ "domain": {
+ "type": "string",
+ "description": "Domain",
+ "minLength": 4
+ },
+ "region": {
+ "$ref": "#/components/schemas/EmailMailgunRegionEnum"
+ }
+ }
+ },
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "connectionString": {
+ "type": "string",
+ "description": "Azure Communication Services Connection String.",
+ "minLength": 1
+ }
+ }
+ },
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "tenantId": {
+ "type": "string",
+ "description": "Microsoft 365 Tenant ID.",
+ "minLength": 1
+ },
+ "clientId": {
+ "type": "string",
+ "description": "Microsoft 365 Client ID.",
+ "minLength": 1
+ },
+ "clientSecret": {
+ "type": "string",
+ "description": "Microsoft 365 Client Secret.",
+ "minLength": 1
+ }
+ }
+ },
+ {
+ "$ref": "#/components/schemas/ExtensibilityEmailProviderCredentials"
+ }
+ ]
+ },
+ "EmailProviderNameEnum": {
+ "type": "string",
+ "description": "Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`.",
+ "enum": [
+ "mailgun",
+ "mandrill",
+ "sendgrid",
+ "ses",
+ "sparkpost",
+ "smtp",
+ "azure_cs",
+ "ms365",
+ "custom"
+ ]
+ },
+ "EmailProviderSettings": {
+ "type": "object",
+ "description": "Specific provider setting",
+ "additionalProperties": true
+ },
+ "EmailSMTPHost": {
+ "type": "string",
+ "description": "SMTP host.",
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "hostname-rfc2181"
+ },
+ {
+ "type": "string",
+ "format": "ipv4"
+ },
+ {
+ "type": "string",
+ "format": "ipv6"
+ }
+ ]
+ },
+ "EmailSparkPostRegionEnum": {
+ "description": "Set to eu to use SparkPost service hosted in Western Europe. To use SparkPost hosted in North America, set it to null.",
+ "enum": [
+ "eu",
+ null
+ ]
+ },
+ "EmailSpecificProviderSettingsWithAdditionalProperties": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Specific provider setting",
+ "additionalProperties": true
+ },
+ "EmailTemplateNameEnum": {
+ "type": "string",
+ "description": "Template name. Can be `verify_email`, `verify_email_by_code`, `reset_email`, `reset_email_by_code`, `welcome_email`, `blocked_account`, `stolen_credentials`, `enrollment_email`, `mfa_oob_code`, `user_invitation`, `async_approval`, `change_password` (legacy), or `password_reset` (legacy).",
+ "default": "verify_email",
+ "enum": [
+ "verify_email",
+ "verify_email_by_code",
+ "reset_email",
+ "reset_email_by_code",
+ "welcome_email",
+ "blocked_account",
+ "stolen_credentials",
+ "enrollment_email",
+ "mfa_oob_code",
+ "user_invitation",
+ "change_password",
+ "password_reset",
+ "async_approval"
+ ]
+ },
+ "EncryptionKey": {
+ "type": "object",
+ "description": "Encryption key",
+ "additionalProperties": false,
+ "required": [
+ "kid",
+ "type",
+ "state",
+ "created_at",
+ "updated_at",
+ "parent_kid"
+ ],
+ "properties": {
+ "kid": {
+ "type": "string",
+ "description": "Key ID"
+ },
+ "type": {
+ "$ref": "#/components/schemas/EncryptionKeyType"
+ },
+ "state": {
+ "$ref": "#/components/schemas/EncryptionKeyState"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Key creation timestamp",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "Key update timestamp",
+ "format": "date-time"
+ },
+ "parent_kid": {
+ "type": "string",
+ "description": "ID of parent wrapping key"
+ },
+ "public_key": {
+ "type": "string",
+ "description": "Public key in PEM format"
+ }
+ }
+ },
+ "EncryptionKeyPublicWrappingAlgorithm": {
+ "type": "string",
+ "description": "Encryption algorithm that shall be used to wrap your key material",
+ "enum": [
+ "CKM_RSA_AES_KEY_WRAP"
+ ]
+ },
+ "EncryptionKeyState": {
+ "type": "string",
+ "description": "Key state",
+ "enum": [
+ "pre-activation",
+ "active",
+ "deactivated",
+ "destroyed"
+ ]
+ },
+ "EncryptionKeyType": {
+ "type": "string",
+ "description": "Key type",
+ "enum": [
+ "customer-provided-root-key",
+ "environment-root-key",
+ "tenant-master-key",
+ "tenant-encryption-key"
+ ]
+ },
+ "EventStreamActionConfiguration": {
+ "type": "object",
+ "description": "Configuration specific to an action destination.",
+ "additionalProperties": false,
+ "required": [
+ "action_id"
+ ],
+ "properties": {
+ "action_id": {
+ "type": "string",
+ "description": "Action ID for the action destination."
+ }
+ }
+ },
+ "EventStreamActionDestination": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "configuration"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/EventStreamActionDestinationTypeEnum"
+ },
+ "configuration": {
+ "$ref": "#/components/schemas/EventStreamActionConfiguration"
+ }
+ }
+ },
+ "EventStreamActionDestinationTypeEnum": {
+ "type": "string",
+ "enum": [
+ "action"
+ ]
+ },
+ "EventStreamActionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Unique identifier for the event stream.",
+ "minLength": 26,
+ "maxLength": 26,
+ "format": "event-stream-id"
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the event stream.",
+ "minLength": 1,
+ "maxLength": 128
+ },
+ "subscriptions": {
+ "type": "array",
+ "description": "List of event types subscribed to in this stream.",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamSubscription"
+ }
+ },
+ "destination": {
+ "$ref": "#/components/schemas/EventStreamActionDestination"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamStatusEnum"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Timestamp when the event stream was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "Timestamp when the event stream was last updated.",
+ "format": "date-time"
+ }
+ }
+ },
+ "EventStreamCloudEvent": {
+ "type": "object",
+ "description": "Event content. This will only be set if delivery failed.",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Unique identifier for the event",
+ "minLength": 26,
+ "maxLength": 26,
+ "format": "event-id"
+ },
+ "source": {
+ "type": "string",
+ "description": "Where the event originated"
+ },
+ "specversion": {
+ "type": "string",
+ "description": "Version of CloudEvents spec"
+ },
+ "type": {
+ "type": "string",
+ "description": "Type of the event (e.g., user.created)"
+ },
+ "time": {
+ "type": "string",
+ "description": "Timestamp at which the event was generated",
+ "format": "date-time"
+ },
+ "data": {
+ "type": "string",
+ "description": "Event contents encoded as a string."
+ }
+ }
+ },
+ "EventStreamDelivery": {
+ "type": "object",
+ "description": "Metadata about a specific attempt to deliver an event",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "event_stream_id",
+ "status",
+ "event_type",
+ "attempts"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Unique identifier for the delivery"
+ },
+ "event_stream_id": {
+ "type": "string",
+ "description": "Unique identifier for the event stream.",
+ "minLength": 26,
+ "maxLength": 26,
+ "format": "event-stream-id"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamDeliveryStatusEnum"
+ },
+ "event_type": {
+ "$ref": "#/components/schemas/EventStreamDeliveryEventTypeEnum"
+ },
+ "attempts": {
+ "type": "array",
+ "description": "Results of delivery attempts",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamDeliveryAttempt"
+ }
+ },
+ "event": {
+ "$ref": "#/components/schemas/EventStreamCloudEvent"
+ }
+ }
+ },
+ "EventStreamDeliveryAttempt": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "status",
+ "timestamp"
+ ],
+ "properties": {
+ "status": {
+ "$ref": "#/components/schemas/EventStreamDeliveryStatusEnum"
+ },
+ "timestamp": {
+ "type": "string",
+ "description": "Timestamp of delivery attempt",
+ "format": "date-time"
+ },
+ "error_message": {
+ "type": "string",
+ "description": "Delivery error message, if applicable"
+ }
+ }
+ },
+ "EventStreamDeliveryEventTypeEnum": {
+ "type": "string",
+ "description": "Type of event",
+ "maxLength": 33,
+ "enum": [
+ "user.created",
+ "user.deleted",
+ "user.updated",
+ "organization.created",
+ "organization.updated",
+ "organization.deleted",
+ "organization.member.added",
+ "organization.member.deleted",
+ "organization.member.role.assigned",
+ "organization.member.role.deleted",
+ "organization.connection.added",
+ "organization.connection.updated",
+ "organization.connection.removed"
+ ]
+ },
+ "EventStreamDeliveryStatusEnum": {
+ "type": "string",
+ "description": "Delivery status",
+ "maxLength": 6,
+ "enum": [
+ "failed"
+ ]
+ },
+ "EventStreamDestinationPatch": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/EventStreamWebhookDestination"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamActionDestination"
+ }
+ ]
+ },
+ "EventStreamEventBridgeAWSRegionEnum": {
+ "type": "string",
+ "description": "AWS Region for EventBridge destination.",
+ "enum": [
+ "ap-east-1",
+ "ap-northeast-1",
+ "ap-northeast-2",
+ "ap-northeast-3",
+ "ap-south-1",
+ "ap-southeast-1",
+ "ap-southeast-2",
+ "ca-central-1",
+ "cn-north-1",
+ "cn-northwest-1",
+ "eu-central-1",
+ "eu-north-1",
+ "eu-west-1",
+ "eu-west-2",
+ "eu-west-3",
+ "me-south-1",
+ "sa-east-1",
+ "us-gov-east-1",
+ "us-gov-west-1",
+ "us-east-1",
+ "us-east-2",
+ "us-west-1",
+ "us-west-2"
+ ]
+ },
+ "EventStreamEventBridgeConfiguration": {
+ "type": "object",
+ "description": "Configuration specific to an eventbridge destination.",
+ "additionalProperties": false,
+ "required": [
+ "aws_account_id",
+ "aws_region"
+ ],
+ "properties": {
+ "aws_account_id": {
+ "type": "string",
+ "description": "AWS Account ID for EventBridge destination.\n"
+ },
+ "aws_region": {
+ "$ref": "#/components/schemas/EventStreamEventBridgeAWSRegionEnum"
+ },
+ "aws_partner_event_source": {
+ "type": "string",
+ "description": "AWS Partner Event Source for EventBridge destination.\n"
+ }
+ }
+ },
+ "EventStreamEventBridgeDestination": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "configuration"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/EventStreamEventBridgeDestinationTypeEnum"
+ },
+ "configuration": {
+ "$ref": "#/components/schemas/EventStreamEventBridgeConfiguration"
+ }
+ }
+ },
+ "EventStreamEventBridgeDestinationTypeEnum": {
+ "type": "string",
+ "enum": [
+ "eventbridge"
+ ]
+ },
+ "EventStreamEventBridgeResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Unique identifier for the event stream.",
+ "minLength": 26,
+ "maxLength": 26,
+ "format": "event-stream-id"
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the event stream.",
+ "minLength": 1,
+ "maxLength": 128
+ },
+ "subscriptions": {
+ "type": "array",
+ "description": "List of event types subscribed to in this stream.",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamSubscription"
+ }
+ },
+ "destination": {
+ "$ref": "#/components/schemas/EventStreamEventBridgeDestination"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamStatusEnum"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Timestamp when the event stream was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "Timestamp when the event stream was last updated.",
+ "format": "date-time"
+ }
+ }
+ },
+ "EventStreamEventTypeEnum": {
+ "type": "string",
+ "enum": [
+ "user.created",
+ "user.deleted",
+ "user.updated",
+ "organization.created",
+ "organization.updated",
+ "organization.deleted",
+ "organization.member.added",
+ "organization.member.deleted",
+ "organization.member.role.assigned",
+ "organization.member.role.deleted",
+ "organization.connection.added",
+ "organization.connection.updated",
+ "organization.connection.removed"
+ ]
+ },
+ "EventStreamResponseContent": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/EventStreamWebhookResponseContent"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamEventBridgeResponseContent"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamActionResponseContent"
+ }
+ ]
+ },
+ "EventStreamStatusEnum": {
+ "type": "string",
+ "description": "Indicates whether the event stream is actively forwarding events.",
+ "maxLength": 8,
+ "enum": [
+ "enabled",
+ "disabled"
+ ]
+ },
+ "EventStreamSubscription": {
+ "type": "object",
+ "description": "Event types",
+ "additionalProperties": false,
+ "properties": {
+ "event_type": {
+ "type": "string"
+ }
+ }
+ },
+ "EventStreamTestEventTypeEnum": {
+ "type": "string",
+ "description": "The type of event this test event represents.",
+ "maxLength": 33,
+ "enum": [
+ "user.created",
+ "user.deleted",
+ "user.updated",
+ "organization.created",
+ "organization.updated",
+ "organization.deleted",
+ "organization.member.added",
+ "organization.member.deleted",
+ "organization.member.role.assigned",
+ "organization.member.role.deleted",
+ "organization.connection.added",
+ "organization.connection.updated",
+ "organization.connection.removed"
+ ]
+ },
+ "EventStreamWebhookAuthorizationResponse": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/EventStreamWebhookBasicAuth"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamWebhookBearerAuth"
+ }
+ ]
+ },
+ "EventStreamWebhookBasicAuth": {
+ "type": "object",
+ "description": "Basic Authorization for HTTP requests (e.g., 'Basic credentials').\n",
+ "additionalProperties": false,
+ "required": [
+ "method",
+ "username"
+ ],
+ "properties": {
+ "method": {
+ "$ref": "#/components/schemas/EventStreamWebhookBasicAuthMethodEnum"
+ },
+ "username": {
+ "type": "string",
+ "description": "Username",
+ "maxLength": 128
+ }
+ }
+ },
+ "EventStreamWebhookBasicAuthMethodEnum": {
+ "type": "string",
+ "description": "Type of authorization.",
+ "enum": [
+ "basic"
+ ]
+ },
+ "EventStreamWebhookBearerAuth": {
+ "type": "object",
+ "description": "Bearer Authorization for HTTP requests (e.g., 'Bearer token').\n",
+ "additionalProperties": false,
+ "required": [
+ "method"
+ ],
+ "properties": {
+ "method": {
+ "$ref": "#/components/schemas/EventStreamWebhookBearerAuthMethodEnum"
+ }
+ }
+ },
+ "EventStreamWebhookBearerAuthMethodEnum": {
+ "type": "string",
+ "description": "Type of authorization.",
+ "enum": [
+ "bearer"
+ ]
+ },
+ "EventStreamWebhookConfiguration": {
+ "type": "object",
+ "description": "Configuration specific to a webhook destination.",
+ "additionalProperties": false,
+ "required": [
+ "webhook_endpoint",
+ "webhook_authorization"
+ ],
+ "properties": {
+ "webhook_endpoint": {
+ "type": "string",
+ "description": "Target HTTP endpoint URL."
+ },
+ "webhook_authorization": {
+ "$ref": "#/components/schemas/EventStreamWebhookAuthorizationResponse"
+ }
+ }
+ },
+ "EventStreamWebhookDestination": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "configuration"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/EventStreamWebhookDestinationTypeEnum"
+ },
+ "configuration": {
+ "$ref": "#/components/schemas/EventStreamWebhookConfiguration"
+ }
+ }
+ },
+ "EventStreamWebhookDestinationTypeEnum": {
+ "type": "string",
+ "enum": [
+ "webhook"
+ ]
+ },
+ "EventStreamWebhookResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Unique identifier for the event stream.",
+ "minLength": 26,
+ "maxLength": 26,
+ "format": "event-stream-id"
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the event stream.",
+ "minLength": 1,
+ "maxLength": 128
+ },
+ "subscriptions": {
+ "type": "array",
+ "description": "List of event types subscribed to in this stream.",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamSubscription"
+ }
+ },
+ "destination": {
+ "$ref": "#/components/schemas/EventStreamWebhookDestination"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamStatusEnum"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Timestamp when the event stream was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "Timestamp when the event stream was last updated.",
+ "format": "date-time"
+ }
+ }
+ },
+ "ExtensibilityEmailProviderCredentials": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {}
+ },
+ "FederatedConnectionTokenSet": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "connection": {
+ "type": "string"
+ },
+ "scope": {
+ "type": "string"
+ },
+ "expires_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "issued_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "last_used_at": {
+ "type": "string",
+ "format": "date-time"
+ }
+ }
+ },
+ "FlowAction": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionActivecampaign"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionAirtable"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionAuth0"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionBigquery"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionClearbit"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionEmail"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionFlow"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionGoogleSheets"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionHttp"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionHubspot"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionJson"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionJwt"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionMailchimp"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionMailjet"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionOtp"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionPipedrive"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionSalesforce"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionSendgrid"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionSlack"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionStripe"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionTelegram"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionTwilio"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionWhatsapp"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionXml"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionZapier"
+ }
+ ]
+ },
+ "FlowActionActivecampaign": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionActivecampaignListContacts"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionActivecampaignUpsertContact"
+ }
+ ]
+ },
+ "FlowActionActivecampaignListContacts": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "ACTIVECAMPAIGN"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "LIST_CONTACTS"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionActivecampaignListContactsParams"
+ }
+ }
+ },
+ "FlowActionActivecampaignListContactsParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "email"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "email": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionActivecampaignUpsertContact": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "ACTIVECAMPAIGN"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "UPSERT_CONTACT"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionActivecampaignUpsertContactParams"
+ }
+ }
+ },
+ "FlowActionActivecampaignUpsertContactParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "email"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "email": {
+ "type": "string"
+ },
+ "first_name": {
+ "type": "string"
+ },
+ "last_name": {
+ "type": "string"
+ },
+ "phone": {
+ "type": "string"
+ },
+ "custom_fields": {
+ "$ref": "#/components/schemas/FlowActionActivecampaignUpsertContactParamsCustomFields"
+ }
+ }
+ },
+ "FlowActionActivecampaignUpsertContactParamsCustomFields": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FlowActionAirtable": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionAirtableCreateRecord"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionAirtableListRecords"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionAirtableUpdateRecord"
+ }
+ ]
+ },
+ "FlowActionAirtableCreateRecord": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "AIRTABLE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "CREATE_RECORD"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionAirtableCreateRecordParams"
+ }
+ }
+ },
+ "FlowActionAirtableCreateRecordParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "base_id",
+ "table_name"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "base_id": {
+ "type": "string"
+ },
+ "table_name": {
+ "type": "string"
+ },
+ "fields": {
+ "$ref": "#/components/schemas/FlowActionAirtableCreateRecordParamsFields"
+ }
+ }
+ },
+ "FlowActionAirtableCreateRecordParamsFields": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionAirtableListRecords": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "AIRTABLE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "LIST_RECORDS"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionAirtableListRecordsParams"
+ }
+ }
+ },
+ "FlowActionAirtableListRecordsParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "base_id",
+ "table_name"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "base_id": {
+ "type": "string"
+ },
+ "table_name": {
+ "type": "string"
+ },
+ "query": {
+ "type": "string"
+ },
+ "view": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionAirtableUpdateRecord": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "AIRTABLE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "UPDATE_RECORD"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionAirtableUpdateRecordParams"
+ }
+ }
+ },
+ "FlowActionAirtableUpdateRecordParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "base_id",
+ "table_name",
+ "record_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "base_id": {
+ "type": "string"
+ },
+ "table_name": {
+ "type": "string"
+ },
+ "record_id": {
+ "type": "string"
+ },
+ "fields": {
+ "$ref": "#/components/schemas/FlowActionAirtableUpdateRecordParamsFields"
+ }
+ }
+ },
+ "FlowActionAirtableUpdateRecordParamsFields": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionAuth0": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionAuth0CreateUser"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionAuth0GetUser"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionAuth0UpdateUser"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionAuth0SendRequest"
+ }
+ ]
+ },
+ "FlowActionAuth0CreateUser": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "AUTH0"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "CREATE_USER"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionAuth0CreateUserParams"
+ }
+ }
+ },
+ "FlowActionAuth0CreateUserParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "payload"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "payload": {
+ "$ref": "#/components/schemas/FlowActionAuth0CreateUserParamsPayload"
+ }
+ }
+ },
+ "FlowActionAuth0CreateUserParamsPayload": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionAuth0GetUser": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "AUTH0"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "GET_USER"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionAuth0GetUserParams"
+ }
+ }
+ },
+ "FlowActionAuth0GetUserParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "user_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "user_id": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionAuth0SendRequest": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "AUTH0"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SEND_REQUEST"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionAuth0SendRequestParams"
+ }
+ }
+ },
+ "FlowActionAuth0SendRequestParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "pathname"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "pathname": {
+ "type": "string"
+ },
+ "method": {
+ "type": "string",
+ "enum": [
+ "GET",
+ "POST",
+ "PUT",
+ "PATCH",
+ "DELETE"
+ ]
+ },
+ "headers": {
+ "$ref": "#/components/schemas/FlowActionAuth0SendRequestParamsHeaders"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionAuth0SendRequestParamsQueryParams"
+ },
+ "payload": {
+ "$ref": "#/components/schemas/FlowActionAuth0SendRequestParamsPayload"
+ }
+ }
+ },
+ "FlowActionAuth0SendRequestParamsHeaders": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FlowActionAuth0SendRequestParamsPayload": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "array",
+ "items": {}
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionAuth0SendRequestParamsPayloadObject"
+ }
+ ]
+ },
+ "FlowActionAuth0SendRequestParamsPayloadObject": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionAuth0SendRequestParamsQueryParams": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FlowActionAuth0UpdateUser": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "AUTH0"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "UPDATE_USER"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionAuth0UpdateUserParams"
+ }
+ }
+ },
+ "FlowActionAuth0UpdateUserParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "user_id",
+ "changes"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "user_id": {
+ "type": "string"
+ },
+ "changes": {
+ "$ref": "#/components/schemas/FlowActionAuth0UpdateUserParamsChanges"
+ }
+ }
+ },
+ "FlowActionAuth0UpdateUserParamsChanges": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionBigquery": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionBigqueryInsertRows"
+ }
+ ]
+ },
+ "FlowActionBigqueryInsertRows": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "BIGQUERY"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "INSERT_ROWS"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionBigqueryInsertRowsParams"
+ }
+ }
+ },
+ "FlowActionBigqueryInsertRowsParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "dataset_id",
+ "table_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "dataset_id": {
+ "type": "string"
+ },
+ "table_id": {
+ "type": "string"
+ },
+ "data": {
+ "$ref": "#/components/schemas/FlowActionBigqueryInsertRowsParamsData"
+ }
+ }
+ },
+ "FlowActionBigqueryInsertRowsParamsData": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionClearbit": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionClearbitFindPerson"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionClearbitFindCompany"
+ }
+ ]
+ },
+ "FlowActionClearbitFindCompany": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "CLEARBIT"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "FIND_COMPANY"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionClearbitFindCompanyParams"
+ }
+ }
+ },
+ "FlowActionClearbitFindCompanyParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "domain"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "domain": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionClearbitFindPerson": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "CLEARBIT"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "FIND_PERSON"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionClearbitFindPersonParams"
+ }
+ }
+ },
+ "FlowActionClearbitFindPersonParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "email"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "email": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionEmail": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionEmailVerifyEmail"
+ }
+ ]
+ },
+ "FlowActionEmailVerifyEmail": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "EMAIL"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "VERIFY_EMAIL"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionEmailVerifyEmailParams"
+ }
+ }
+ },
+ "FlowActionEmailVerifyEmailParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "email"
+ ],
+ "properties": {
+ "email": {
+ "type": "string"
+ },
+ "rules": {
+ "$ref": "#/components/schemas/FlowActionEmailVerifyEmailParamsRules"
+ }
+ }
+ },
+ "FlowActionEmailVerifyEmailParamsRules": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "require_mx_record": {
+ "type": "boolean"
+ },
+ "block_aliases": {
+ "type": "boolean"
+ },
+ "block_free_emails": {
+ "type": "boolean"
+ },
+ "block_disposable_emails": {
+ "type": "boolean"
+ },
+ "blocklist": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowlist": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "FlowActionFlow": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionFlowBooleanCondition"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionFlowDelayFlow"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionFlowDoNothing"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionFlowErrorMessage"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionFlowMapValue"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionFlowReturnJson"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionFlowStoreVars"
+ }
+ ]
+ },
+ "FlowActionFlowBooleanCondition": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "FLOW"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "BOOLEAN_CONDITION"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionFlowBooleanConditionParams"
+ }
+ }
+ },
+ "FlowActionFlowBooleanConditionParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "if"
+ ],
+ "properties": {
+ "if": {},
+ "then": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowAction"
+ }
+ },
+ "else": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowAction"
+ }
+ }
+ }
+ },
+ "FlowActionFlowDelayFlow": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "FLOW"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "DELAY_FLOW"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionFlowDelayFlowParams"
+ }
+ }
+ },
+ "FlowActionFlowDelayFlowParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "number"
+ ],
+ "properties": {
+ "number": {
+ "$ref": "#/components/schemas/FlowActionFlowDelayFlowParamsNumber"
+ },
+ "units": {
+ "type": "string",
+ "enum": [
+ "SECONDS",
+ "MINUTES",
+ "HOURS",
+ "DAYS"
+ ]
+ }
+ }
+ },
+ "FlowActionFlowDelayFlowParamsNumber": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "type": "string",
+ "maxLength": 250
+ }
+ ]
+ },
+ "FlowActionFlowDoNothing": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "FLOW"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "DO_NOTHING"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionFlowDoNothingParams"
+ }
+ }
+ },
+ "FlowActionFlowDoNothingParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {}
+ },
+ "FlowActionFlowErrorMessage": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "FLOW"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "ERROR_MESSAGE"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionFlowErrorMessageParams"
+ }
+ }
+ },
+ "FlowActionFlowErrorMessageParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "message"
+ ],
+ "properties": {
+ "message": {
+ "type": "string",
+ "maxLength": 2048
+ }
+ }
+ },
+ "FlowActionFlowMapValue": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "FLOW"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "MAP_VALUE"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionFlowMapValueParams"
+ }
+ }
+ },
+ "FlowActionFlowMapValueParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "input"
+ ],
+ "properties": {
+ "input": {
+ "$ref": "#/components/schemas/FlowActionFlowMapValueParamsInput"
+ },
+ "cases": {
+ "$ref": "#/components/schemas/FlowActionFlowMapValueParamsCases"
+ },
+ "fallback": {
+ "$ref": "#/components/schemas/FlowActionFlowMapValueParamsFallback"
+ }
+ }
+ },
+ "FlowActionFlowMapValueParamsCases": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionFlowMapValueParamsFallback": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionFlowMapValueParamsFallbackObject"
+ },
+ {
+ "type": "array",
+ "items": {}
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "FlowActionFlowMapValueParamsFallbackObject": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FlowActionFlowMapValueParamsInput": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FlowActionFlowReturnJson": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "FLOW"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "RETURN_JSON"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionFlowReturnJsonParams"
+ }
+ }
+ },
+ "FlowActionFlowReturnJsonParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "payload"
+ ],
+ "properties": {
+ "payload": {
+ "$ref": "#/components/schemas/FlowActionFlowReturnJsonParamsPayload"
+ }
+ }
+ },
+ "FlowActionFlowReturnJsonParamsPayload": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionFlowReturnJsonParamsPayloadObject"
+ },
+ {
+ "type": "string"
+ }
+ ]
+ },
+ "FlowActionFlowReturnJsonParamsPayloadObject": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionFlowStoreVars": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "FLOW"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "STORE_VARS"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionFlowStoreVarsParams"
+ }
+ }
+ },
+ "FlowActionFlowStoreVarsParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "vars"
+ ],
+ "properties": {
+ "vars": {
+ "$ref": "#/components/schemas/FlowActionFlowStoreVarsParamsVars"
+ }
+ }
+ },
+ "FlowActionFlowStoreVarsParamsVars": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionGoogleSheets": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionGoogleSheetsAddRow"
+ }
+ ]
+ },
+ "FlowActionGoogleSheetsAddRow": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "GOOGLE_SHEETS"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "ADD_ROW"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionGoogleSheetsAddRowParams"
+ }
+ }
+ },
+ "FlowActionGoogleSheetsAddRowParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "spreadsheet_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "spreadsheet_id": {
+ "type": "string",
+ "minLength": 1
+ },
+ "sheet_id": {
+ "$ref": "#/components/schemas/FlowActionGoogleSheetsAddRowParamsSheetId"
+ },
+ "values": {
+ "$ref": "#/components/schemas/FlowActionGoogleSheetsAddRowParamsValues"
+ }
+ }
+ },
+ "FlowActionGoogleSheetsAddRowParamsSheetId": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "type": "string"
+ }
+ ]
+ },
+ "FlowActionGoogleSheetsAddRowParamsValues": {
+ "type": "array",
+ "items": {
+ "type": [
+ "string",
+ "null"
+ ]
+ }
+ },
+ "FlowActionHttp": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionHttpSendRequest"
+ }
+ ]
+ },
+ "FlowActionHttpSendRequest": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "HTTP"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SEND_REQUEST"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionHttpSendRequestParams"
+ }
+ }
+ },
+ "FlowActionHttpSendRequestParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "url"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "url": {
+ "type": "string"
+ },
+ "method": {
+ "type": "string",
+ "enum": [
+ "GET",
+ "POST",
+ "PUT",
+ "PATCH",
+ "DELETE"
+ ]
+ },
+ "headers": {
+ "$ref": "#/components/schemas/FlowActionHttpSendRequestParamsHeaders"
+ },
+ "basic": {
+ "$ref": "#/components/schemas/FlowActionHttpSendRequestParamsBasicAuth"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionHttpSendRequestParamsQueryParams"
+ },
+ "payload": {
+ "$ref": "#/components/schemas/FlowActionHttpSendRequestParamsPayload"
+ },
+ "content_type": {
+ "type": "string",
+ "enum": [
+ "JSON",
+ "FORM",
+ "XML"
+ ]
+ }
+ }
+ },
+ "FlowActionHttpSendRequestParamsBasicAuth": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "username": {
+ "type": "string",
+ "minLength": 1
+ },
+ "password": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "FlowActionHttpSendRequestParamsHeaders": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FlowActionHttpSendRequestParamsPayload": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "array",
+ "items": {}
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionHttpSendRequestParamsPayloadObject"
+ }
+ ]
+ },
+ "FlowActionHttpSendRequestParamsPayloadObject": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionHttpSendRequestParamsQueryParams": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FlowActionHubspot": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionHubspotEnrollContact"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionHubspotGetContact"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionHubspotUpsertContact"
+ }
+ ]
+ },
+ "FlowActionHubspotEnrollContact": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "HUBSPOT"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "ENROLL_CONTACT"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionHubspotEnrollContactParams"
+ }
+ }
+ },
+ "FlowActionHubspotEnrollContactParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "email",
+ "workflow_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "email": {
+ "type": "string"
+ },
+ "workflow_id": {
+ "$ref": "#/components/schemas/FlowActionHubspotEnrollContactParamsWorkflowId"
+ }
+ }
+ },
+ "FlowActionHubspotEnrollContactParamsWorkflowId": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "integer"
+ }
+ ]
+ },
+ "FlowActionHubspotGetContact": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "HUBSPOT"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "GET_CONTACT"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionHubspotGetContactParams"
+ }
+ }
+ },
+ "FlowActionHubspotGetContactParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "email"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "email": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionHubspotUpsertContact": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "HUBSPOT"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "UPSERT_CONTACT"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionHubspotUpsertContactParams"
+ }
+ }
+ },
+ "FlowActionHubspotUpsertContactParams": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "connection_id",
+ "email"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "email": {
+ "type": "string"
+ },
+ "properties": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowActionHubspotUpsertContactParamsProperty"
+ }
+ }
+ }
+ },
+ "FlowActionHubspotUpsertContactParamsProperty": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "property"
+ ],
+ "properties": {
+ "property": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "value": {}
+ }
+ },
+ "FlowActionJson": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionJsonCreateJson"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionJsonParseJson"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionJsonSerializeJson"
+ }
+ ]
+ },
+ "FlowActionJsonCreateJson": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "JSON"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "CREATE_JSON"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionJsonCreateJsonParams"
+ }
+ }
+ },
+ "FlowActionJsonCreateJsonParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "object"
+ ],
+ "properties": {
+ "object": {
+ "$ref": "#/components/schemas/FlowActionJsonCreateJsonParamsObject"
+ }
+ }
+ },
+ "FlowActionJsonCreateJsonParamsObject": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionJsonParseJson": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "JSON"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "PARSE_JSON"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionJsonParseJsonParams"
+ }
+ }
+ },
+ "FlowActionJsonParseJsonParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "json"
+ ],
+ "properties": {
+ "json": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionJsonSerializeJson": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "JSON"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SERIALIZE_JSON"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionJsonSerializeJsonParams"
+ }
+ }
+ },
+ "FlowActionJsonSerializeJsonParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "object"
+ ],
+ "properties": {
+ "object": {
+ "$ref": "#/components/schemas/FlowActionJsonSerializeJsonParamsObject"
+ }
+ }
+ },
+ "FlowActionJsonSerializeJsonParamsObject": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionJsonSerializeJsonParamsObjectObject"
+ }
+ ]
+ },
+ "FlowActionJsonSerializeJsonParamsObjectObject": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionJwt": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionJwtDecodeJwt"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionJwtSignJwt"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionJwtVerifyJwt"
+ }
+ ]
+ },
+ "FlowActionJwtDecodeJwt": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "JWT"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "DECODE_JWT"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionJwtDecodeJwtParams"
+ }
+ }
+ },
+ "FlowActionJwtDecodeJwtParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "token"
+ ],
+ "properties": {
+ "token": {
+ "type": "string",
+ "maxLength": 10000
+ }
+ }
+ },
+ "FlowActionJwtSignJwt": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "JWT"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SIGN_JWT"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionJwtSignJwtParams"
+ }
+ }
+ },
+ "FlowActionJwtSignJwtParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "payload": {
+ "$ref": "#/components/schemas/FlowActionJwtSignJwtParamsPayload"
+ },
+ "subject": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "issuer": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "audience": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "expires_in": {
+ "type": "string",
+ "maxLength": 25
+ }
+ }
+ },
+ "FlowActionJwtSignJwtParamsPayload": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionJwtVerifyJwt": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "JWT"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "VERIFY_JWT"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionJwtVerifyJwtParams"
+ }
+ }
+ },
+ "FlowActionJwtVerifyJwtParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "token"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "token": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "audience": {
+ "type": "string",
+ "maxLength": 500
+ },
+ "issuer": {
+ "type": "string",
+ "maxLength": 500
+ }
+ }
+ },
+ "FlowActionMailchimp": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionMailchimpUpsertMember"
+ }
+ ]
+ },
+ "FlowActionMailchimpUpsertMember": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "MAILCHIMP"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "UPSERT_MEMBER"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionMailchimpUpsertMemberParams"
+ }
+ }
+ },
+ "FlowActionMailchimpUpsertMemberParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "list_id",
+ "member"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "list_id": {
+ "type": "string"
+ },
+ "member": {
+ "$ref": "#/components/schemas/FlowActionMailchimpUpsertMemberParamsMember"
+ }
+ }
+ },
+ "FlowActionMailchimpUpsertMemberParamsMember": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "email_address",
+ "status_if_new"
+ ],
+ "properties": {
+ "email_address": {
+ "type": "string"
+ },
+ "status_if_new": {
+ "type": "string"
+ },
+ "merge_fields": {
+ "$ref": "#/components/schemas/FlowActionMailchimpUpsertMemberParamsMemberMergeFields"
+ }
+ }
+ },
+ "FlowActionMailchimpUpsertMemberParamsMemberMergeFields": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionMailjet": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionMailjetSendEmail"
+ }
+ ]
+ },
+ "FlowActionMailjetSendEmail": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "MAILJET"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SEND_EMAIL"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionMailjetSendEmailParams"
+ }
+ }
+ },
+ "FlowActionMailjetSendEmailParams": {
+ "type": "object",
+ "oneOf": [
+ {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "content"
+ ],
+ "properties": {
+ "content": {
+ "type": "string"
+ }
+ }
+ },
+ {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "template_id"
+ ],
+ "properties": {
+ "template_id": {
+ "type": "integer"
+ },
+ "variables": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ }
+ }
+ }
+ ]
+ },
+ "FlowActionOtp": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionOtpGenerateCode"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionOtpVerifyCode"
+ }
+ ]
+ },
+ "FlowActionOtpGenerateCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "OTP"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "GENERATE_CODE"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionOtpGenerateCodeParams"
+ }
+ }
+ },
+ "FlowActionOtpGenerateCodeParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "reference",
+ "length"
+ ],
+ "properties": {
+ "reference": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "length": {
+ "type": "integer"
+ }
+ }
+ },
+ "FlowActionOtpVerifyCode": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "OTP"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "VERIFY_CODE"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionOtpVerifyCodeParams"
+ }
+ }
+ },
+ "FlowActionOtpVerifyCodeParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "reference",
+ "code"
+ ],
+ "properties": {
+ "reference": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "code": {
+ "$ref": "#/components/schemas/FlowActionOtpVerifyCodeParamsCode"
+ }
+ }
+ },
+ "FlowActionOtpVerifyCodeParamsCode": {
+ "oneOf": [
+ {
+ "type": "integer"
+ },
+ {
+ "type": "string",
+ "maxLength": 250
+ }
+ ]
+ },
+ "FlowActionPipedrive": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddDeal"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddOrganization"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddPerson"
+ }
+ ]
+ },
+ "FlowActionPipedriveAddDeal": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "PIPEDRIVE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "ADD_DEAL"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddDealParams"
+ }
+ }
+ },
+ "FlowActionPipedriveAddDealParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "title"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "title": {
+ "type": "string"
+ },
+ "value": {
+ "type": "string"
+ },
+ "user_id": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddDealParamsUserId"
+ },
+ "person_id": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddDealParamsPersonId"
+ },
+ "organization_id": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddDealParamsOrganizationId"
+ },
+ "stage_id": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddDealParamsStageId"
+ },
+ "fields": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddDealParamsFields"
+ }
+ }
+ },
+ "FlowActionPipedriveAddDealParamsFields": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionPipedriveAddDealParamsOrganizationId": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FlowActionPipedriveAddDealParamsPersonId": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FlowActionPipedriveAddDealParamsStageId": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FlowActionPipedriveAddDealParamsUserId": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FlowActionPipedriveAddOrganization": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "PIPEDRIVE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "ADD_ORGANIZATION"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddOrganizationParams"
+ }
+ }
+ },
+ "FlowActionPipedriveAddOrganizationParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "name"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "name": {
+ "type": "string"
+ },
+ "owner_id": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddOrganizationParamsOwnerId"
+ },
+ "fields": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddOrganizationParamsFields"
+ }
+ }
+ },
+ "FlowActionPipedriveAddOrganizationParamsFields": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionPipedriveAddOrganizationParamsOwnerId": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FlowActionPipedriveAddPerson": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "PIPEDRIVE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "ADD_PERSON"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddPersonParams"
+ }
+ }
+ },
+ "FlowActionPipedriveAddPersonParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "name"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "name": {
+ "type": "string"
+ },
+ "email": {
+ "type": "string"
+ },
+ "phone": {
+ "type": "string"
+ },
+ "owner_id": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddPersonParamsOwnerId"
+ },
+ "organization_id": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddPersonParamsOrganizationId"
+ },
+ "fields": {
+ "$ref": "#/components/schemas/FlowActionPipedriveAddPersonParamsFields"
+ }
+ }
+ },
+ "FlowActionPipedriveAddPersonParamsFields": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionPipedriveAddPersonParamsOrganizationId": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FlowActionPipedriveAddPersonParamsOwnerId": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FlowActionSalesforce": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionSalesforceCreateLead"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionSalesforceGetLead"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionSalesforceSearchLeads"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionSalesforceUpdateLead"
+ }
+ ]
+ },
+ "FlowActionSalesforceCreateLead": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "SALESFORCE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "CREATE_LEAD"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionSalesforceCreateLeadParams"
+ }
+ }
+ },
+ "FlowActionSalesforceCreateLeadParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "last_name",
+ "company"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "first_name": {
+ "type": "string"
+ },
+ "last_name": {
+ "type": "string",
+ "minLength": 1
+ },
+ "company": {
+ "type": "string",
+ "minLength": 1
+ },
+ "email": {
+ "type": "string"
+ },
+ "phone": {
+ "type": "string"
+ },
+ "payload": {
+ "$ref": "#/components/schemas/FlowActionSalesforceCreateLeadParamsPayload"
+ }
+ }
+ },
+ "FlowActionSalesforceCreateLeadParamsPayload": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionSalesforceGetLead": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "SALESFORCE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "GET_LEAD"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionSalesforceGetLeadParams"
+ }
+ }
+ },
+ "FlowActionSalesforceGetLeadParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "lead_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "lead_id": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionSalesforceSearchLeads": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "SALESFORCE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SEARCH_LEADS"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionSalesforceSearchLeadsParams"
+ }
+ }
+ },
+ "FlowActionSalesforceSearchLeadsParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "search_field",
+ "search_value",
+ "lead_fields"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "search_field": {
+ "type": "string",
+ "enum": [
+ "email",
+ "name",
+ "phone",
+ "all"
+ ]
+ },
+ "search_value": {
+ "type": "string",
+ "maxLength": 2000
+ },
+ "lead_fields": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "maxLength": 2000
+ }
+ }
+ }
+ },
+ "FlowActionSalesforceUpdateLead": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "SALESFORCE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "UPDATE_LEAD"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionSalesforceUpdateLeadParams"
+ }
+ }
+ },
+ "FlowActionSalesforceUpdateLeadParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "lead_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "lead_id": {
+ "type": "string",
+ "minLength": 1
+ },
+ "payload": {
+ "$ref": "#/components/schemas/FlowActionSalesforceUpdateLeadParamsPayload"
+ }
+ }
+ },
+ "FlowActionSalesforceUpdateLeadParamsPayload": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionSendgrid": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionSendgridSendEmail"
+ }
+ ]
+ },
+ "FlowActionSendgridSendEmail": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "SENDGRID"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SEND_EMAIL"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionSendgridSendEmailParams"
+ }
+ }
+ },
+ "FlowActionSendgridSendEmailParams": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "connection_id",
+ "personalizations",
+ "from"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "from": {
+ "$ref": "#/components/schemas/FlowActionSendgridSendEmailParamsPerson"
+ },
+ "personalizations": {
+ "type": "array",
+ "items": {}
+ }
+ }
+ },
+ "FlowActionSendgridSendEmailParamsPerson": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "email"
+ ],
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "email": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionSlack": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionSlackPostMessage"
+ }
+ ]
+ },
+ "FlowActionSlackPostMessage": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "SLACK"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "POST_MESSAGE"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionSlackPostMessageParams"
+ }
+ }
+ },
+ "FlowActionSlackPostMessageParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "text": {
+ "type": "string"
+ },
+ "attachments": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowActionSlackPostMessageParamsAttachment"
+ }
+ }
+ }
+ },
+ "FlowActionSlackPostMessageParamsAttachment": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "color": {
+ "type": "string",
+ "enum": [
+ "GOOD",
+ "WARNING",
+ "DANGER"
+ ]
+ },
+ "pretext": {
+ "type": "string"
+ },
+ "text": {
+ "type": "string"
+ },
+ "fields": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowActionSlackPostMessageParamsAttachmentField"
+ }
+ }
+ }
+ },
+ "FlowActionSlackPostMessageParamsAttachmentField": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "title"
+ ],
+ "properties": {
+ "title": {
+ "type": "string"
+ },
+ "value": {
+ "type": "string",
+ "minLength": 0
+ },
+ "short": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FlowActionStripe": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionStripeAddTaxId"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionStripeCreateCustomer"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionStripeCreatePortalSession"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionStripeDeleteTaxId"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionStripeFindCustomers"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionStripeGetCustomer"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionStripeUpdateCustomer"
+ }
+ ]
+ },
+ "FlowActionStripeAddTaxId": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "ADD_TAX_ID"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionStripeAddTaxIdParams"
+ }
+ }
+ },
+ "FlowActionStripeAddTaxIdParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "customer_id",
+ "type",
+ "value"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "customer_id": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "type": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "value": {
+ "type": "string",
+ "maxLength": 250
+ }
+ }
+ },
+ "FlowActionStripeAddress": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "line1": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "line2": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "postalCode": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "city": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "state": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "country": {
+ "type": "string",
+ "maxLength": 250
+ }
+ }
+ },
+ "FlowActionStripeCreateCustomer": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "CREATE_CUSTOMER"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionStripeCreateCustomerParams"
+ }
+ }
+ },
+ "FlowActionStripeCreateCustomerParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "tax_id": {
+ "$ref": "#/components/schemas/FlowActionStripeTaxId"
+ },
+ "name": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "description": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "email": {
+ "type": "string",
+ "maxLength": 512
+ },
+ "phone": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "tax_exempt": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/components/schemas/FlowActionStripeAddress"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/FlowActionStripeMetadata"
+ }
+ }
+ },
+ "FlowActionStripeCreatePortalSession": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "CREATE_PORTAL_SESSION"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionStripeCreatePortalSessionParams"
+ }
+ }
+ },
+ "FlowActionStripeCreatePortalSessionParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "customer_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "customer_id": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "return_url": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionStripeDeleteTaxId": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "DELETE_TAX_ID"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionStripeDeleteTaxIdParams"
+ }
+ }
+ },
+ "FlowActionStripeDeleteTaxIdParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "customer_id",
+ "id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "customer_id": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "id": {
+ "type": "string",
+ "maxLength": 250
+ }
+ }
+ },
+ "FlowActionStripeFindCustomers": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "FIND_CUSTOMERS"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionStripeFindCustomersParams"
+ }
+ }
+ },
+ "FlowActionStripeFindCustomersParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "email"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "email": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionStripeGetCustomer": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "GET_CUSTOMER"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionStripeGetCustomerParams"
+ }
+ }
+ },
+ "FlowActionStripeGetCustomerParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "id": {
+ "type": "string",
+ "maxLength": 250
+ }
+ }
+ },
+ "FlowActionStripeMetadata": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FlowActionStripeTaxId": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "value"
+ ],
+ "properties": {
+ "type": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "value": {
+ "type": "string",
+ "maxLength": 250
+ }
+ }
+ },
+ "FlowActionStripeUpdateCustomer": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "UPDATE_CUSTOMER"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionStripeUpdateCustomerParams"
+ }
+ }
+ },
+ "FlowActionStripeUpdateCustomerParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "id": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "name": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "description": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "email": {
+ "type": "string",
+ "maxLength": 512
+ },
+ "phone": {
+ "type": "string",
+ "maxLength": 250
+ },
+ "tax_exempt": {
+ "type": "string"
+ },
+ "address": {
+ "$ref": "#/components/schemas/FlowActionStripeAddress"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/FlowActionStripeMetadata"
+ }
+ }
+ },
+ "FlowActionTelegram": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionTelegramSendMessage"
+ }
+ ]
+ },
+ "FlowActionTelegramSendMessage": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "TELEGRAM"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SEND_MESSAGE"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionTelegramSendMessageParams"
+ }
+ }
+ },
+ "FlowActionTelegramSendMessageParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "chat_id",
+ "text"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "chat_id": {
+ "type": "string"
+ },
+ "text": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionTwilio": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionTwilioMakeCall"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionTwilioSendSms"
+ }
+ ]
+ },
+ "FlowActionTwilioMakeCall": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "TWILIO"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "MAKE_CALL"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionTwilioMakeCallParams"
+ }
+ }
+ },
+ "FlowActionTwilioMakeCallParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "from",
+ "to",
+ "payload"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "from": {
+ "type": "string"
+ },
+ "to": {
+ "type": "string"
+ },
+ "payload": {
+ "type": "string",
+ "maxLength": 4096
+ }
+ }
+ },
+ "FlowActionTwilioSendSms": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "TWILIO"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SEND_SMS"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionTwilioSendSmsParams"
+ }
+ }
+ },
+ "FlowActionTwilioSendSmsParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "from",
+ "to",
+ "message"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "from": {
+ "type": "string",
+ "maxLength": 50
+ },
+ "to": {
+ "type": "string",
+ "maxLength": 50
+ },
+ "message": {
+ "type": "string",
+ "maxLength": 1500
+ }
+ }
+ },
+ "FlowActionWhatsapp": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionWhatsappSendMessage"
+ }
+ ]
+ },
+ "FlowActionWhatsappSendMessage": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "WHATSAPP"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SEND_MESSAGE"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionWhatsappSendMessageParams"
+ }
+ }
+ },
+ "FlowActionWhatsappSendMessageParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "connection_id",
+ "sender_id",
+ "recipient_number",
+ "type",
+ "payload"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "sender_id": {
+ "type": "string"
+ },
+ "recipient_number": {
+ "type": "string"
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "AUDIO",
+ "CONTACTS",
+ "DOCUMENT",
+ "IMAGE",
+ "INTERACTIVE",
+ "LOCATION",
+ "STICKER",
+ "TEMPLATE",
+ "TEXT"
+ ]
+ },
+ "payload": {
+ "$ref": "#/components/schemas/FlowActionWhatsappSendMessageParamsPayload"
+ }
+ }
+ },
+ "FlowActionWhatsappSendMessageParamsPayload": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionWhatsappSendMessageParamsPayloadObject"
+ },
+ {
+ "type": "string"
+ }
+ ]
+ },
+ "FlowActionWhatsappSendMessageParamsPayloadObject": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionXml": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionXmlParseXml"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionXmlSerializeXml"
+ }
+ ]
+ },
+ "FlowActionXmlParseXml": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "XML"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "PARSE_XML"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionXmlParseXmlParams"
+ }
+ }
+ },
+ "FlowActionXmlParseXmlParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "xml"
+ ],
+ "properties": {
+ "xml": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowActionXmlSerializeXml": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "XML"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "SERIALIZE_XML"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionXmlSerializeXmlParams"
+ }
+ }
+ },
+ "FlowActionXmlSerializeXmlParams": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "object"
+ ],
+ "properties": {
+ "object": {
+ "$ref": "#/components/schemas/FlowActionXmlSerializeXmlParamsObject"
+ }
+ }
+ },
+ "FlowActionXmlSerializeXmlParamsObject": {
+ "oneOf": [
+ {
+ "type": "string"
+ },
+ {
+ "$ref": "#/components/schemas/FlowActionXmlSerializeXmlParamsObjectObject"
+ }
+ ]
+ },
+ "FlowActionXmlSerializeXmlParamsObjectObject": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "FlowActionZapier": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FlowActionZapierTriggerWebhook"
+ }
+ ]
+ },
+ "FlowActionZapierTriggerWebhook": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "action",
+ "params"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "maxLength": 100
+ },
+ "type": {
+ "type": "string",
+ "enum": [
+ "ZAPIER"
+ ]
+ },
+ "action": {
+ "type": "string",
+ "enum": [
+ "TRIGGER_WEBHOOK"
+ ]
+ },
+ "allow_failure": {
+ "type": "boolean"
+ },
+ "mask_output": {
+ "type": "boolean"
+ },
+ "params": {
+ "$ref": "#/components/schemas/FlowActionZapierTriggerWebhookParams"
+ }
+ }
+ },
+ "FlowActionZapierTriggerWebhookParams": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "connection_id"
+ ],
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "method": {
+ "type": "string",
+ "enum": [
+ "GET",
+ "POST",
+ "PUT"
+ ]
+ }
+ }
+ },
+ "FlowExecutionDebug": {
+ "type": "object",
+ "description": "Flow execution debug.",
+ "additionalProperties": true
+ },
+ "FlowExecutionSummary": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "trace_id",
+ "status",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Flow execution identifier",
+ "maxLength": 30,
+ "format": "flow-execution-id"
+ },
+ "trace_id": {
+ "type": "string",
+ "description": "Trace id",
+ "minLength": 1,
+ "maxLength": 50
+ },
+ "journey_id": {
+ "type": "string",
+ "description": "Journey id",
+ "minLength": 1,
+ "maxLength": 50
+ },
+ "status": {
+ "type": "string",
+ "description": "Execution status",
+ "minLength": 1,
+ "maxLength": 50
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this flow execution was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this flow execution was updated.",
+ "format": "date-time"
+ },
+ "started_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this flow execution started.",
+ "format": "date-time"
+ },
+ "ended_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this flow execution ended.",
+ "format": "date-time"
+ }
+ }
+ },
+ "FlowSummary": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "name",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flow-id"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "created_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "executed_at": {
+ "type": "string",
+ "format": "date"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "api_key"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeApiKeyEnum"
+ },
+ "api_key": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupApiKeyWithBaseUrl": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "api_key"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeApiKeyEnum"
+ },
+ "api_key": {
+ "type": "string"
+ },
+ "base_url": {
+ "type": "string",
+ "format": "forms-url-https"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupBigqueryOauthJwt": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeOauthJwtEnum"
+ },
+ "project_id": {
+ "type": "string"
+ },
+ "private_key": {
+ "type": "string"
+ },
+ "client_email": {
+ "type": "string",
+ "format": "email"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupHttpBearer": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "token"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeBearerEnum"
+ },
+ "token": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupJwt": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "type",
+ "algorithm"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeJwtEnum"
+ },
+ "algorithm": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupJwtAlgorithmEnum"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupJwtAlgorithmEnum": {
+ "type": "string",
+ "enum": [
+ "HS256",
+ "HS384",
+ "HS512",
+ "RS256",
+ "RS384",
+ "RS512",
+ "ES256",
+ "ES384",
+ "ES512",
+ "PS256",
+ "PS384",
+ "PS512"
+ ]
+ },
+ "FlowsVaultConnectioSetupMailjetApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "api_key",
+ "secret_key"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeApiKeyEnum"
+ },
+ "api_key": {
+ "type": "string"
+ },
+ "secret_key": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupOauthApp": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "client_id",
+ "client_secret",
+ "domain"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeOauthAppEnum"
+ },
+ "client_id": {
+ "type": "string"
+ },
+ "client_secret": {
+ "type": "string"
+ },
+ "domain": {
+ "type": "string",
+ "format": "hostname-rfc2181"
+ },
+ "audience": {
+ "type": "string",
+ "minLength": 1,
+ "format": "forms-url-https"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupOauthCode": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeOauthCodeEnum"
+ },
+ "code": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupSecretApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "secret_key"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeApiKeyEnum"
+ },
+ "secret_key": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupStripeKeyPair": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "private_key",
+ "public_key"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeKeyPairEnum"
+ },
+ "private_key": {
+ "type": "string"
+ },
+ "public_key": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupToken": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "token"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeTokenEnum"
+ },
+ "token": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupTwilioApiKey": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "account_id",
+ "api_key"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeApiKeyEnum"
+ },
+ "account_id": {
+ "type": "string"
+ },
+ "api_key": {
+ "type": "string"
+ }
+ }
+ },
+ "FlowsVaultConnectioSetupTypeApiKeyEnum": {
+ "type": "string",
+ "enum": [
+ "API_KEY"
+ ]
+ },
+ "FlowsVaultConnectioSetupTypeBearerEnum": {
+ "type": "string",
+ "enum": [
+ "BEARER"
+ ]
+ },
+ "FlowsVaultConnectioSetupTypeJwtEnum": {
+ "type": "string",
+ "enum": [
+ "JWT"
+ ]
+ },
+ "FlowsVaultConnectioSetupTypeKeyPairEnum": {
+ "type": "string",
+ "enum": [
+ "KEY_PAIR"
+ ]
+ },
+ "FlowsVaultConnectioSetupTypeOauthAppEnum": {
+ "type": "string",
+ "enum": [
+ "OAUTH_APP"
+ ]
+ },
+ "FlowsVaultConnectioSetupTypeOauthCodeEnum": {
+ "type": "string",
+ "enum": [
+ "OAUTH_CODE"
+ ]
+ },
+ "FlowsVaultConnectioSetupTypeOauthJwtEnum": {
+ "type": "string",
+ "enum": [
+ "OAUTH_JWT"
+ ]
+ },
+ "FlowsVaultConnectioSetupTypeTokenEnum": {
+ "type": "string",
+ "enum": [
+ "TOKEN"
+ ]
+ },
+ "FlowsVaultConnectioSetupTypeWebhookEnum": {
+ "type": "string",
+ "enum": [
+ "WEBHOOK"
+ ]
+ },
+ "FlowsVaultConnectioSetupWebhook": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "url"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTypeWebhookEnum"
+ },
+ "url": {
+ "type": "string",
+ "format": "forms-url-https"
+ }
+ }
+ },
+ "FlowsVaultConnectionAppIdActivecampaignEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "ACTIVECAMPAIGN"
+ ]
+ },
+ "FlowsVaultConnectionAppIdAirtableEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "AIRTABLE"
+ ]
+ },
+ "FlowsVaultConnectionAppIdAuth0Enum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "AUTH0"
+ ]
+ },
+ "FlowsVaultConnectionAppIdBigqueryEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "BIGQUERY"
+ ]
+ },
+ "FlowsVaultConnectionAppIdClearbitEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "CLEARBIT"
+ ]
+ },
+ "FlowsVaultConnectionAppIdDocusignEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "DOCUSIGN"
+ ]
+ },
+ "FlowsVaultConnectionAppIdGoogleSheetsEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "GOOGLE_SHEETS"
+ ]
+ },
+ "FlowsVaultConnectionAppIdHttpEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "HTTP"
+ ]
+ },
+ "FlowsVaultConnectionAppIdHubspotEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "HUBSPOT"
+ ]
+ },
+ "FlowsVaultConnectionAppIdJwtEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "JWT"
+ ]
+ },
+ "FlowsVaultConnectionAppIdMailchimpEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "MAILCHIMP"
+ ]
+ },
+ "FlowsVaultConnectionAppIdMailjetEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "MAILJET"
+ ]
+ },
+ "FlowsVaultConnectionAppIdPipedriveEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "PIPEDRIVE"
+ ]
+ },
+ "FlowsVaultConnectionAppIdSalesforceEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "SALESFORCE"
+ ]
+ },
+ "FlowsVaultConnectionAppIdSendgridEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "SENDGRID"
+ ]
+ },
+ "FlowsVaultConnectionAppIdSlackEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "SLACK"
+ ]
+ },
+ "FlowsVaultConnectionAppIdStripeEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "FlowsVaultConnectionAppIdTelegramEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "TELEGRAM"
+ ]
+ },
+ "FlowsVaultConnectionAppIdTwilioEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "TWILIO"
+ ]
+ },
+ "FlowsVaultConnectionAppIdWhatsappEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "WHATSAPP"
+ ]
+ },
+ "FlowsVaultConnectionAppIdZapierEnum": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55,
+ "enum": [
+ "ZAPIER"
+ ]
+ },
+ "FlowsVaultConnectionSummary": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "app_id",
+ "name",
+ "ready",
+ "created_at",
+ "updated_at",
+ "fingerprint"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Flows Vault Connection identifier.",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "app_id": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55
+ },
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "account_name": {
+ "type": "string",
+ "description": "Flows Vault Connection custom account name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "ready": {
+ "type": "boolean",
+ "description": "Whether the Flows Vault Connection is configured."
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was updated.",
+ "format": "date-time"
+ },
+ "refreshed_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was refreshed.",
+ "format": "date-time"
+ },
+ "fingerprint": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "FormBlock": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormBlockDivider"
+ },
+ {
+ "$ref": "#/components/schemas/FormBlockHtml"
+ },
+ {
+ "$ref": "#/components/schemas/FormBlockImage"
+ },
+ {
+ "$ref": "#/components/schemas/FormBlockJumpButton"
+ },
+ {
+ "$ref": "#/components/schemas/FormBlockResendButton"
+ },
+ {
+ "$ref": "#/components/schemas/FormBlockNextButton"
+ },
+ {
+ "$ref": "#/components/schemas/FormBlockPreviousButton"
+ },
+ {
+ "$ref": "#/components/schemas/FormBlockRichText"
+ }
+ ]
+ },
+ "FormBlockDivider": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryBlockConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormBlockTypeDividerConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormBlockDividerConfig"
+ }
+ }
+ },
+ "FormBlockDividerConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "text": {
+ "type": "string",
+ "maxLength": 50
+ }
+ }
+ },
+ "FormBlockHtml": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryBlockConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormBlockTypeHtmlConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormBlockHtmlConfig"
+ }
+ }
+ },
+ "FormBlockHtmlConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "content": {
+ "type": "string",
+ "maxLength": 10000
+ }
+ }
+ },
+ "FormBlockImage": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryBlockConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormBlockTypeImageConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormBlockImageConfig"
+ }
+ }
+ },
+ "FormBlockImageConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "src"
+ ],
+ "properties": {
+ "src": {
+ "type": "string",
+ "maxLength": 500
+ },
+ "position": {
+ "$ref": "#/components/schemas/FormBlockImageConfigPositionEnum"
+ },
+ "height": {
+ "type": "number"
+ }
+ }
+ },
+ "FormBlockImageConfigPositionEnum": {
+ "type": "string",
+ "enum": [
+ "LEFT",
+ "CENTER",
+ "RIGHT"
+ ]
+ },
+ "FormBlockJumpButton": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryBlockConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormBlockTypeJumpButtonConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormBlockJumpButtonConfig"
+ }
+ }
+ },
+ "FormBlockJumpButtonConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "text",
+ "next_node"
+ ],
+ "properties": {
+ "text": {
+ "type": "string",
+ "maxLength": 150
+ },
+ "next_node": {
+ "$ref": "#/components/schemas/FormNodePointer"
+ },
+ "style": {
+ "$ref": "#/components/schemas/FormBlockJumpButtonConfigStyle"
+ }
+ }
+ },
+ "FormBlockJumpButtonConfigStyle": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "background_color": {
+ "type": "string",
+ "format": "forms-hex-color"
+ }
+ }
+ },
+ "FormBlockNextButton": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryBlockConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormBlockTypeNextButtonConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormBlockNextButtonConfig"
+ }
+ }
+ },
+ "FormBlockNextButtonConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "text"
+ ],
+ "properties": {
+ "text": {
+ "type": "string",
+ "maxLength": 150
+ }
+ }
+ },
+ "FormBlockPreviousButton": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryBlockConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormBlockTypePreviousButtonConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormBlockPreviousButtonConfig"
+ }
+ }
+ },
+ "FormBlockPreviousButtonConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "text"
+ ],
+ "properties": {
+ "text": {
+ "type": "string",
+ "maxLength": 150
+ }
+ }
+ },
+ "FormBlockResendButton": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryBlockConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormBlockTypeResendButtonConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormBlockResendButtonConfig"
+ }
+ }
+ },
+ "FormBlockResendButtonConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "active_text",
+ "button_text",
+ "waiting_text",
+ "flow_id"
+ ],
+ "properties": {
+ "active_text": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "button_text": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "waiting_text": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "text_alignment": {
+ "$ref": "#/components/schemas/FormBlockResendButtonConfigTextAlignmentEnum"
+ },
+ "flow_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flow-id"
+ },
+ "max_attempts": {
+ "type": "number"
+ },
+ "waiting_time": {
+ "type": "number"
+ }
+ }
+ },
+ "FormBlockResendButtonConfigTextAlignmentEnum": {
+ "type": "string",
+ "enum": [
+ "LEFT",
+ "CENTER",
+ "RIGHT"
+ ]
+ },
+ "FormBlockRichText": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryBlockConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormBlockTypeRichTextConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormBlockRichTextConfig"
+ }
+ }
+ },
+ "FormBlockRichTextConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "content": {
+ "type": "string",
+ "maxLength": 10000
+ }
+ }
+ },
+ "FormBlockTypeDividerConst": {
+ "type": "string",
+ "enum": [
+ "DIVIDER"
+ ]
+ },
+ "FormBlockTypeHtmlConst": {
+ "type": "string",
+ "enum": [
+ "HTML"
+ ]
+ },
+ "FormBlockTypeImageConst": {
+ "type": "string",
+ "enum": [
+ "IMAGE"
+ ]
+ },
+ "FormBlockTypeJumpButtonConst": {
+ "type": "string",
+ "enum": [
+ "JUMP_BUTTON"
+ ]
+ },
+ "FormBlockTypeNextButtonConst": {
+ "type": "string",
+ "enum": [
+ "NEXT_BUTTON"
+ ]
+ },
+ "FormBlockTypePreviousButtonConst": {
+ "type": "string",
+ "enum": [
+ "PREVIOUS_BUTTON"
+ ]
+ },
+ "FormBlockTypeResendButtonConst": {
+ "type": "string",
+ "enum": [
+ "RESEND_BUTTON"
+ ]
+ },
+ "FormBlockTypeRichTextConst": {
+ "type": "string",
+ "enum": [
+ "RICH_TEXT"
+ ]
+ },
+ "FormComponent": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormBlock"
+ },
+ {
+ "$ref": "#/components/schemas/FormWidget"
+ },
+ {
+ "$ref": "#/components/schemas/FormField"
+ }
+ ]
+ },
+ "FormComponentCategoryBlockConst": {
+ "type": "string",
+ "enum": [
+ "BLOCK"
+ ]
+ },
+ "FormComponentCategoryFieldConst": {
+ "type": "string",
+ "enum": [
+ "FIELD"
+ ]
+ },
+ "FormComponentCategoryWidgetConst": {
+ "type": "string",
+ "enum": [
+ "WIDGET"
+ ]
+ },
+ "FormEndingNode": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "redirection": {
+ "$ref": "#/components/schemas/FormEndingNodeRedirection"
+ },
+ "after_submit": {
+ "$ref": "#/components/schemas/FormEndingNodeAfterSubmit"
+ },
+ "coordinates": {
+ "$ref": "#/components/schemas/FormNodeCoordinates"
+ },
+ "resume_flow": {
+ "$ref": "#/components/schemas/FormEndingNodeResumeFlowTrueConst"
+ }
+ }
+ },
+ "FormEndingNodeAfterSubmit": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "flow_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flow-id"
+ }
+ }
+ },
+ "FormEndingNodeId": {
+ "type": "string",
+ "enum": [
+ "$ending"
+ ]
+ },
+ "FormEndingNodeNullable": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormEndingNode"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "FormEndingNodeRedirection": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "target"
+ ],
+ "properties": {
+ "delay": {
+ "type": "integer"
+ },
+ "target": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 1024
+ }
+ }
+ },
+ "FormEndingNodeResumeFlowTrueConst": {
+ "type": "boolean",
+ "enum": [
+ true
+ ]
+ },
+ "FormField": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormFieldBoolean"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldCards"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldChoice"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldCustom"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldDate"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldDropdown"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldEmail"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldFile"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldLegal"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldNumber"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldPassword"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldPayment"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldSocial"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldTel"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldText"
+ },
+ {
+ "$ref": "#/components/schemas/FormFieldUrl"
+ }
+ ]
+ },
+ "FormFieldBoolean": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeBooleanConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldBooleanConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldBooleanConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "default_value": {
+ "type": "boolean"
+ },
+ "options": {
+ "$ref": "#/components/schemas/FormFieldBooleanConfigOptions"
+ }
+ }
+ },
+ "FormFieldBooleanConfigOptions": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "true": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 50
+ },
+ "false": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 50
+ }
+ }
+ },
+ "FormFieldCards": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeCardsConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldCardsConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldCardsConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "hide_labels": {
+ "type": "boolean"
+ },
+ "multiple": {
+ "type": "boolean"
+ },
+ "options": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FormFieldCardsConfigOption"
+ }
+ },
+ "default_value": {}
+ }
+ },
+ "FormFieldCardsConfigOption": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "value",
+ "label",
+ "image_url"
+ ],
+ "properties": {
+ "value": {
+ "type": "string",
+ "minLength": 1
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "image_url": {
+ "type": "string",
+ "format": "forms-url-https"
+ }
+ }
+ },
+ "FormFieldChoice": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeChoiceConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldChoiceConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldChoiceConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "multiple": {
+ "type": "boolean"
+ },
+ "options": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FormFieldChoiceConfigOption"
+ }
+ },
+ "allow_other": {
+ "$ref": "#/components/schemas/FormFieldChoiceConfigAllowOther"
+ },
+ "default_value": {}
+ }
+ },
+ "FormFieldChoiceConfigAllowOther": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "$ref": "#/components/schemas/FormFieldChoiceConfigAllowOtherEnabledTrueEnum"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "placeholder": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "FormFieldChoiceConfigAllowOtherEnabledTrueEnum": {
+ "type": "boolean",
+ "enum": [
+ true
+ ]
+ },
+ "FormFieldChoiceConfigOption": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "value",
+ "label"
+ ],
+ "properties": {
+ "value": {
+ "type": "string",
+ "minLength": 1
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "FormFieldCustom": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeCustomConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldCustomConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldCustomConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "schema",
+ "code"
+ ],
+ "properties": {
+ "schema": {
+ "$ref": "#/components/schemas/FormFieldCustomConfigSchema"
+ },
+ "code": {
+ "type": "string",
+ "minLength": 1
+ },
+ "css": {
+ "type": "string",
+ "minLength": 1
+ },
+ "params": {
+ "$ref": "#/components/schemas/FormFieldCustomConfigParams"
+ }
+ }
+ },
+ "FormFieldCustomConfigParams": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FormFieldCustomConfigSchema": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FormFieldDate": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeDateConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldDateConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldDateConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "format": {
+ "$ref": "#/components/schemas/FormFieldDateConfigFormatEnum"
+ },
+ "default_value": {
+ "type": "string"
+ }
+ }
+ },
+ "FormFieldDateConfigFormatEnum": {
+ "type": "string",
+ "enum": [
+ "DATE",
+ "TIME"
+ ]
+ },
+ "FormFieldDropdown": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeDropdownConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldDropdownConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldDropdownConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "multiple": {
+ "type": "boolean"
+ },
+ "options": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FormFieldDropdownConfigOption"
+ }
+ },
+ "default_value": {},
+ "placeholder": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ }
+ }
+ },
+ "FormFieldDropdownConfigOption": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "value",
+ "label"
+ ],
+ "properties": {
+ "value": {
+ "type": "string",
+ "minLength": 1
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "FormFieldEmail": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeEmailConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldEmailConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldEmailConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "default_value": {
+ "type": "string",
+ "minLength": 1
+ },
+ "placeholder": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ }
+ }
+ },
+ "FormFieldFile": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeFileConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldFileConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldFileConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "multiple": {
+ "type": "boolean"
+ },
+ "storage": {
+ "$ref": "#/components/schemas/FormFieldFileConfigStorage"
+ },
+ "categories": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FormFieldFileConfigCategoryEnum"
+ }
+ },
+ "extensions": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "maxLength": 50,
+ "format": "forms-file-extension"
+ }
+ },
+ "maxSize": {
+ "type": "integer"
+ },
+ "maxFiles": {
+ "type": "integer"
+ }
+ }
+ },
+ "FormFieldFileConfigCategoryEnum": {
+ "type": "string",
+ "enum": [
+ "AUDIO",
+ "VIDEO",
+ "IMAGE",
+ "DOCUMENT",
+ "ARCHIVE"
+ ]
+ },
+ "FormFieldFileConfigStorage": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "type"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FormFieldFileConfigStorageTypeEnum"
+ }
+ }
+ },
+ "FormFieldFileConfigStorageTypeEnum": {
+ "type": "string",
+ "enum": [
+ "MANAGED",
+ "CUSTOM"
+ ]
+ },
+ "FormFieldLegal": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeLegalConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldLegalConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldLegalConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "text": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 10000
+ }
+ }
+ },
+ "FormFieldNumber": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeNumberConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldNumberConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldNumberConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "default_value": {
+ "type": "number"
+ },
+ "placeholder": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "min_value": {
+ "type": "number"
+ },
+ "max_value": {
+ "type": "number"
+ }
+ }
+ },
+ "FormFieldPassword": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypePasswordConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldPasswordConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldPasswordConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "hash": {
+ "$ref": "#/components/schemas/FormFieldPasswordConfigHashEnum"
+ },
+ "placeholder": {
+ "type": "string",
+ "maxLength": 500
+ },
+ "min_length": {
+ "type": "integer"
+ },
+ "max_length": {
+ "type": "integer"
+ },
+ "complexity": {
+ "type": "boolean"
+ },
+ "nist": {
+ "type": "boolean"
+ },
+ "strength_meter": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldPasswordConfigHashEnum": {
+ "type": "string",
+ "enum": [
+ "NONE",
+ "MD5",
+ "SHA1",
+ "SHA256",
+ "SHA512"
+ ]
+ },
+ "FormFieldPayment": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypePaymentConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldPaymentConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "charge",
+ "credentials"
+ ],
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigProviderEnum"
+ },
+ "charge": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigCharge"
+ },
+ "credentials": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigCredentials"
+ },
+ "customer": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigCustomer"
+ },
+ "fields": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigFields"
+ }
+ }
+ },
+ "FormFieldPaymentConfigCharge": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigChargeOneOff"
+ },
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "subscription"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigChargeTypeSubscriptionConst"
+ },
+ "subscription": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigSubscription"
+ }
+ }
+ }
+ ]
+ },
+ "FormFieldPaymentConfigChargeOneOff": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type",
+ "one_off"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigChargeTypeOneOffConst"
+ },
+ "one_off": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigChargeOneOffOneOff"
+ }
+ }
+ },
+ "FormFieldPaymentConfigChargeOneOffCurrencyEnum": {
+ "type": "string",
+ "enum": [
+ "AUD",
+ "CAD",
+ "CHF",
+ "EUR",
+ "GBP",
+ "INR",
+ "MXN",
+ "SEK",
+ "USD"
+ ]
+ },
+ "FormFieldPaymentConfigChargeOneOffOneOff": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "amount",
+ "currency"
+ ],
+ "properties": {
+ "amount": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigChargeOneOffOneOffAmount"
+ },
+ "currency": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigChargeOneOffCurrencyEnum"
+ }
+ }
+ },
+ "FormFieldPaymentConfigChargeOneOffOneOffAmount": {
+ "oneOf": [
+ {
+ "type": "string",
+ "minLength": 1
+ },
+ {
+ "type": "number"
+ }
+ ]
+ },
+ "FormFieldPaymentConfigChargeTypeOneOffConst": {
+ "type": "string",
+ "enum": [
+ "ONE_OFF"
+ ]
+ },
+ "FormFieldPaymentConfigChargeTypeSubscriptionConst": {
+ "type": "string",
+ "enum": [
+ "SUBSCRIPTION"
+ ]
+ },
+ "FormFieldPaymentConfigCredentials": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "public_key",
+ "private_key"
+ ],
+ "properties": {
+ "public_key": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 250
+ },
+ "private_key": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 250
+ }
+ }
+ },
+ "FormFieldPaymentConfigCustomer": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FormFieldPaymentConfigFieldProperties": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "label": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 250
+ },
+ "placeholder": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 250
+ }
+ }
+ },
+ "FormFieldPaymentConfigFields": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "card_number": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigFieldProperties"
+ },
+ "expiration_date": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigFieldProperties"
+ },
+ "security_code": {
+ "$ref": "#/components/schemas/FormFieldPaymentConfigFieldProperties"
+ },
+ "trustmarks": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldPaymentConfigProviderEnum": {
+ "type": "string",
+ "enum": [
+ "STRIPE"
+ ]
+ },
+ "FormFieldPaymentConfigSubscription": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FormFieldSocial": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeSocialConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldSocialConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldSocialConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {}
+ },
+ "FormFieldTel": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeTelConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldTelConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldTelConfig": {
+ "type": "object",
+ "allOf": [
+ {
+ "type": "object",
+ "additionalProperties": true
+ },
+ {
+ "type": "object",
+ "additionalProperties": true
+ },
+ {
+ "type": "object",
+ "additionalProperties": true
+ }
+ ],
+ "additionalProperties": false,
+ "properties": {
+ "default_value": {
+ "type": "string"
+ },
+ "placeholder": {
+ "type": "string",
+ "maxLength": 500
+ },
+ "min_length": {
+ "type": "integer"
+ },
+ "max_length": {
+ "type": "integer"
+ },
+ "country_picker": {
+ "type": "boolean"
+ },
+ "strings": {
+ "$ref": "#/components/schemas/FormFieldTelConfigStrings"
+ }
+ }
+ },
+ "FormFieldTelConfigStrings": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "filter_placeholder": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "FormFieldText": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeTextConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldTextConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldTextConfig": {
+ "type": "object",
+ "allOf": [
+ {
+ "type": "object",
+ "additionalProperties": true
+ },
+ {
+ "type": "object",
+ "additionalProperties": true
+ },
+ {
+ "type": "object",
+ "additionalProperties": true
+ }
+ ],
+ "additionalProperties": false,
+ "properties": {
+ "multiline": {
+ "type": "boolean"
+ },
+ "default_value": {
+ "type": "string",
+ "minLength": 1
+ },
+ "placeholder": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "min_length": {
+ "type": "integer"
+ },
+ "max_length": {
+ "type": "integer"
+ }
+ }
+ },
+ "FormFieldTypeBooleanConst": {
+ "type": "string",
+ "enum": [
+ "BOOLEAN"
+ ]
+ },
+ "FormFieldTypeCardsConst": {
+ "type": "string",
+ "enum": [
+ "CARDS"
+ ]
+ },
+ "FormFieldTypeChoiceConst": {
+ "type": "string",
+ "enum": [
+ "CHOICE"
+ ]
+ },
+ "FormFieldTypeCustomConst": {
+ "type": "string",
+ "enum": [
+ "CUSTOM"
+ ]
+ },
+ "FormFieldTypeDateConst": {
+ "type": "string",
+ "enum": [
+ "DATE"
+ ]
+ },
+ "FormFieldTypeDropdownConst": {
+ "type": "string",
+ "enum": [
+ "DROPDOWN"
+ ]
+ },
+ "FormFieldTypeEmailConst": {
+ "type": "string",
+ "enum": [
+ "EMAIL"
+ ]
+ },
+ "FormFieldTypeFileConst": {
+ "type": "string",
+ "enum": [
+ "FILE"
+ ]
+ },
+ "FormFieldTypeLegalConst": {
+ "type": "string",
+ "enum": [
+ "LEGAL"
+ ]
+ },
+ "FormFieldTypeNumberConst": {
+ "type": "string",
+ "enum": [
+ "NUMBER"
+ ]
+ },
+ "FormFieldTypePasswordConst": {
+ "type": "string",
+ "enum": [
+ "PASSWORD"
+ ]
+ },
+ "FormFieldTypePaymentConst": {
+ "type": "string",
+ "enum": [
+ "PAYMENT"
+ ]
+ },
+ "FormFieldTypeSocialConst": {
+ "type": "string",
+ "enum": [
+ "SOCIAL"
+ ]
+ },
+ "FormFieldTypeTelConst": {
+ "type": "string",
+ "enum": [
+ "TEL"
+ ]
+ },
+ "FormFieldTypeTextConst": {
+ "type": "string",
+ "enum": [
+ "TEXT"
+ ]
+ },
+ "FormFieldTypeUrlConst": {
+ "type": "string",
+ "enum": [
+ "URL"
+ ]
+ },
+ "FormFieldUrl": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryFieldConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormFieldTypeUrlConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFieldUrlConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormFieldUrlConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "default_value": {
+ "type": "string",
+ "minLength": 1
+ },
+ "placeholder": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ }
+ }
+ },
+ "FormFlow": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormNodeTypeFlowConst"
+ },
+ "coordinates": {
+ "$ref": "#/components/schemas/FormNodeCoordinates"
+ },
+ "alias": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormFlowConfig"
+ }
+ }
+ },
+ "FormFlowConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "flow_id"
+ ],
+ "properties": {
+ "flow_id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flow-id"
+ },
+ "next_node": {
+ "$ref": "#/components/schemas/FormNodePointer"
+ }
+ }
+ },
+ "FormHiddenField": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "key"
+ ],
+ "properties": {
+ "key": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "value": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ }
+ }
+ },
+ "FormLanguages": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "primary": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 55
+ },
+ "default": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 55
+ }
+ }
+ },
+ "FormLanguagesNullable": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormLanguages"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "FormMessages": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "errors": {
+ "$ref": "#/components/schemas/FormMessagesError"
+ },
+ "custom": {
+ "$ref": "#/components/schemas/FormMessagesCustom"
+ }
+ }
+ },
+ "FormMessagesCustom": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FormMessagesError": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FormMessagesNullable": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormMessages"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "FormNode": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormFlow"
+ },
+ {
+ "$ref": "#/components/schemas/FormRouter"
+ },
+ {
+ "$ref": "#/components/schemas/FormStep"
+ }
+ ]
+ },
+ "FormNodeCoordinates": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "x",
+ "y"
+ ],
+ "properties": {
+ "x": {
+ "type": "integer"
+ },
+ "y": {
+ "type": "integer"
+ }
+ }
+ },
+ "FormNodeList": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FormNode"
+ }
+ },
+ "FormNodeListNullable": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormNodeList"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "FormNodePointer": {
+ "oneOf": [
+ {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ {
+ "$ref": "#/components/schemas/FormEndingNodeId"
+ }
+ ]
+ },
+ "FormNodeTypeFlowConst": {
+ "type": "string",
+ "enum": [
+ "FLOW"
+ ]
+ },
+ "FormNodeTypeRouterConst": {
+ "type": "string",
+ "enum": [
+ "ROUTER"
+ ]
+ },
+ "FormNodeTypeStepConst": {
+ "type": "string",
+ "enum": [
+ "STEP"
+ ]
+ },
+ "FormRouter": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormNodeTypeRouterConst"
+ },
+ "coordinates": {
+ "$ref": "#/components/schemas/FormNodeCoordinates"
+ },
+ "alias": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormRouterConfig"
+ }
+ }
+ },
+ "FormRouterConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "rules": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FormRouterRule"
+ }
+ },
+ "fallback": {
+ "$ref": "#/components/schemas/FormNodePointer"
+ }
+ }
+ },
+ "FormRouterRule": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "condition"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "alias": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "condition": {},
+ "next_node": {
+ "$ref": "#/components/schemas/FormNodePointer"
+ }
+ }
+ },
+ "FormStartNode": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "hidden_fields": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FormHiddenField"
+ }
+ },
+ "next_node": {
+ "$ref": "#/components/schemas/FormNodePointer"
+ },
+ "coordinates": {
+ "$ref": "#/components/schemas/FormNodeCoordinates"
+ }
+ }
+ },
+ "FormStartNodeNullable": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormStartNode"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "FormStep": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormNodeTypeStepConst"
+ },
+ "coordinates": {
+ "$ref": "#/components/schemas/FormNodeCoordinates"
+ },
+ "alias": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormStepConfig"
+ }
+ }
+ },
+ "FormStepComponentList": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FormComponent"
+ }
+ },
+ "FormStepConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "components": {
+ "$ref": "#/components/schemas/FormStepComponentList"
+ },
+ "next_node": {
+ "$ref": "#/components/schemas/FormNodePointer"
+ }
+ }
+ },
+ "FormStyle": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "css": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 5000
+ }
+ }
+ },
+ "FormStyleNullable": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormStyle"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "FormSummary": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "name",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "form-id"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "created_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "embedded_at": {
+ "type": "string",
+ "format": "date"
+ },
+ "submitted_at": {
+ "type": "string",
+ "format": "date"
+ }
+ }
+ },
+ "FormTranslations": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "FormTranslationsNullable": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormTranslations"
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "FormWidget": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/FormWidgetAuth0VerifiableCredentials"
+ },
+ {
+ "$ref": "#/components/schemas/FormWidgetGMapsAddress"
+ },
+ {
+ "$ref": "#/components/schemas/FormWidgetRecaptcha"
+ }
+ ]
+ },
+ "FormWidgetAuth0VerifiableCredentials": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryWidgetConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormWidgetTypeAuth0VerifiableCredentialsConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormWidgetAuth0VerifiableCredentialsConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormWidgetAuth0VerifiableCredentialsConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "url",
+ "alternate_text",
+ "access_token",
+ "verification_id"
+ ],
+ "properties": {
+ "url": {
+ "type": "string",
+ "maxLength": 2000
+ },
+ "size": {
+ "type": "number"
+ },
+ "alternate_text": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "access_token": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 5000
+ },
+ "verification_id": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "max_wait": {
+ "type": "number"
+ }
+ }
+ },
+ "FormWidgetGMapsAddress": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryWidgetConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormWidgetTypeGMapsAddressConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormWidgetGMapsAddressConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormWidgetGMapsAddressConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "api_key"
+ ],
+ "properties": {
+ "api_key": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "FormWidgetRecaptcha": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "category",
+ "type",
+ "config"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "format": "forms-custom-identifier"
+ },
+ "category": {
+ "$ref": "#/components/schemas/FormComponentCategoryWidgetConst"
+ },
+ "type": {
+ "$ref": "#/components/schemas/FormWidgetTypeRecaptchaConst"
+ },
+ "config": {
+ "$ref": "#/components/schemas/FormWidgetRecaptchaConfig"
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "hint": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 500
+ },
+ "required": {
+ "type": "boolean"
+ },
+ "sensitive": {
+ "type": "boolean"
+ }
+ }
+ },
+ "FormWidgetRecaptchaConfig": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "site_key",
+ "secret_key"
+ ],
+ "properties": {
+ "site_key": {
+ "type": "string",
+ "minLength": 1
+ },
+ "secret_key": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "FormWidgetTypeAuth0VerifiableCredentialsConst": {
+ "type": "string",
+ "enum": [
+ "AUTH0_VERIFIABLE_CREDENTIALS"
+ ]
+ },
+ "FormWidgetTypeGMapsAddressConst": {
+ "type": "string",
+ "enum": [
+ "GMAPS_ADDRESS"
+ ]
+ },
+ "FormWidgetTypeRecaptchaConst": {
+ "type": "string",
+ "enum": [
+ "RECAPTCHA"
+ ]
+ },
+ "FormsRequestParametersHydrateEnum": {
+ "type": "string",
+ "maxLength": 50,
+ "enum": [
+ "flow_count",
+ "links"
+ ]
+ },
+ "GetActionExecutionResponseContent": {
+ "type": "object",
+ "description": "The result of a specific execution of a trigger.",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID identifies this specific execution simulation. These IDs would resemble real executions in production.",
+ "default": "c5b35bb1-c67d-40bb-9b0d-700b6fe33dd9"
+ },
+ "trigger_id": {
+ "$ref": "#/components/schemas/ActionTriggerTypeEnum"
+ },
+ "status": {
+ "$ref": "#/components/schemas/ActionExecutionStatusEnum"
+ },
+ "results": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/ActionExecutionResult"
+ }
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time that the execution was started.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time that the exeution finished executing.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ }
+ }
+ },
+ "GetActionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique ID of the action.",
+ "default": "910b1053-577f-4d81-a8c8-020e7319a38a"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of an action.",
+ "default": "my-action"
+ },
+ "supported_triggers": {
+ "type": "array",
+ "description": "The list of triggers that this action supports. At this time, an action can only target a single trigger at a time.",
+ "items": {
+ "$ref": "#/components/schemas/ActionTrigger"
+ }
+ },
+ "all_changes_deployed": {
+ "type": "boolean",
+ "description": "True if all of an Action's contents have been deployed.",
+ "default": false
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this action was created.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when this action was updated.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "code": {
+ "type": "string",
+ "description": "The source code of the action.",
+ "default": "module.exports = () => {}"
+ },
+ "dependencies": {
+ "type": "array",
+ "description": "The list of third party npm modules, and their versions, that this action depends on.",
+ "items": {
+ "$ref": "#/components/schemas/ActionVersionDependency"
+ }
+ },
+ "runtime": {
+ "type": "string",
+ "description": "The Node runtime. For example: `node22`, defaults to `node22`",
+ "default": "node22"
+ },
+ "secrets": {
+ "type": "array",
+ "description": "The list of secrets that are included in an action or a version of an action.",
+ "items": {
+ "$ref": "#/components/schemas/ActionSecretResponse"
+ }
+ },
+ "deployed_version": {
+ "$ref": "#/components/schemas/ActionDeployedVersion"
+ },
+ "installed_integration_id": {
+ "type": "string",
+ "description": "installed_integration_id is the fk reference to the InstalledIntegration entity.",
+ "default": "7d2bc0c9-c0c2-433a-9f4e-86ef80270aad"
+ },
+ "integration": {
+ "$ref": "#/components/schemas/Integration"
+ },
+ "status": {
+ "$ref": "#/components/schemas/ActionBuildStatusEnum"
+ },
+ "built_at": {
+ "type": "string",
+ "description": "The time when this action was built successfully.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "deploy": {
+ "type": "boolean",
+ "description": "True if the action should be deployed after creation.",
+ "default": false
+ }
+ }
+ },
+ "GetActionVersionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique id of an action version.",
+ "default": "12a3b9e6-06e6-4a29-96bf-90c82fe79a0d"
+ },
+ "action_id": {
+ "type": "string",
+ "description": "The id of the action to which this version belongs.",
+ "default": "910b1053-577f-4d81-a8c8-020e7319a38a"
+ },
+ "code": {
+ "type": "string",
+ "description": "The source code of this specific version of the action.",
+ "default": "module.exports = () => {}"
+ },
+ "dependencies": {
+ "type": "array",
+ "description": "The list of third party npm modules, and their versions, that this specific version depends on. ",
+ "items": {
+ "$ref": "#/components/schemas/ActionVersionDependency"
+ }
+ },
+ "deployed": {
+ "type": "boolean",
+ "description": "Indicates if this specific version is the currently one deployed.",
+ "default": true
+ },
+ "runtime": {
+ "type": "string",
+ "description": "The Node runtime. For example: `node22`",
+ "default": "node22"
+ },
+ "secrets": {
+ "type": "array",
+ "description": "The list of secrets that are included in an action or a version of an action.",
+ "items": {
+ "$ref": "#/components/schemas/ActionSecretResponse"
+ }
+ },
+ "status": {
+ "$ref": "#/components/schemas/ActionVersionBuildStatusEnum"
+ },
+ "number": {
+ "type": "number",
+ "description": "The index of this version in list of versions for the action.",
+ "default": 1
+ },
+ "errors": {
+ "type": "array",
+ "description": "Any errors that occurred while the version was being built.",
+ "items": {
+ "$ref": "#/components/schemas/ActionError"
+ }
+ },
+ "action": {
+ "$ref": "#/components/schemas/ActionBase"
+ },
+ "built_at": {
+ "type": "string",
+ "description": "The time when this version was built successfully.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this version was created.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when a version was updated. Versions are never updated externally. Only Auth0 will update an action version as it is being built.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "supported_triggers": {
+ "type": "array",
+ "description": "The list of triggers that this version supports. At this time, a version can only target a single trigger at a time.",
+ "items": {
+ "$ref": "#/components/schemas/ActionTrigger"
+ }
+ }
+ }
+ },
+ "GetActiveUsersCountStatsResponseContent": {
+ "type": "number",
+ "description": "Number of active users in the last 30 days.",
+ "default": 100
+ },
+ "GetAculResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "tenant": {
+ "type": "string",
+ "description": "Tenant ID"
+ },
+ "prompt": {
+ "type": "string",
+ "description": "Name of the prompt"
+ },
+ "screen": {
+ "type": "string",
+ "description": "Name of the screen"
+ },
+ "rendering_mode": {
+ "$ref": "#/components/schemas/AculRenderingModeEnum"
+ },
+ "context_configuration": {
+ "type": "array",
+ "description": "Context values to make available",
+ "items": {
+ "type": "string"
+ }
+ },
+ "default_head_tags_disabled": {
+ "type": "boolean",
+ "description": "Override Universal Login default head tags"
+ },
+ "head_tags": {
+ "type": "array",
+ "description": "An array of head tags",
+ "items": {
+ "$ref": "#/components/schemas/AculHeadTag"
+ }
+ },
+ "filters": {
+ "$ref": "#/components/schemas/AculFilters"
+ },
+ "use_page_template": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Use page template with ACUL",
+ "default": false
+ }
+ }
+ },
+ "GetBrandingDefaultThemeResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "borders",
+ "colors",
+ "displayName",
+ "fonts",
+ "page_background",
+ "themeId",
+ "widget"
+ ],
+ "properties": {
+ "borders": {
+ "$ref": "#/components/schemas/BrandingThemeBorders"
+ },
+ "colors": {
+ "$ref": "#/components/schemas/BrandingThemeColors"
+ },
+ "displayName": {
+ "type": "string",
+ "description": "Display Name",
+ "maxLength": 2048
+ },
+ "fonts": {
+ "$ref": "#/components/schemas/BrandingThemeFonts"
+ },
+ "page_background": {
+ "$ref": "#/components/schemas/BrandingThemePageBackground"
+ },
+ "themeId": {
+ "type": "string",
+ "description": "Theme Id",
+ "maxLength": 32
+ },
+ "widget": {
+ "$ref": "#/components/schemas/BrandingThemeWidget"
+ }
+ }
+ },
+ "GetBrandingPhoneProviderResponseContent": {
+ "type": "object",
+ "description": "Phone provider configuration schema",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "credentials"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "tenant": {
+ "type": "string",
+ "description": "The name of the tenant",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "name": {
+ "$ref": "#/components/schemas/PhoneProviderNameEnum"
+ },
+ "channel": {
+ "$ref": "#/components/schemas/PhoneProviderChannelEnum"
+ },
+ "disabled": {
+ "type": "boolean",
+ "description": "Whether the provider is enabled (false) or disabled (true)."
+ },
+ "configuration": {
+ "$ref": "#/components/schemas/PhoneProviderConfiguration"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The provider's creation date and time in ISO 8601 format",
+ "maxLength": 27,
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The date and time of the last update to the provider in ISO 8601 format",
+ "maxLength": 27,
+ "format": "date-time"
+ }
+ }
+ },
+ "GetBrandingResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "colors": {
+ "$ref": "#/components/schemas/BrandingColors"
+ },
+ "favicon_url": {
+ "type": "string",
+ "description": "URL for the favicon. Must use HTTPS.",
+ "format": "strict-https-uri"
+ },
+ "logo_url": {
+ "type": "string",
+ "description": "URL for the logo. Must use HTTPS.",
+ "format": "strict-https-uri"
+ },
+ "font": {
+ "$ref": "#/components/schemas/BrandingFont"
+ }
+ }
+ },
+ "GetBrandingThemeResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "borders",
+ "colors",
+ "displayName",
+ "fonts",
+ "page_background",
+ "themeId",
+ "widget"
+ ],
+ "properties": {
+ "borders": {
+ "$ref": "#/components/schemas/BrandingThemeBorders"
+ },
+ "colors": {
+ "$ref": "#/components/schemas/BrandingThemeColors"
+ },
+ "displayName": {
+ "type": "string",
+ "description": "Display Name",
+ "maxLength": 2048
+ },
+ "fonts": {
+ "$ref": "#/components/schemas/BrandingThemeFonts"
+ },
+ "page_background": {
+ "$ref": "#/components/schemas/BrandingThemePageBackground"
+ },
+ "themeId": {
+ "type": "string",
+ "description": "Theme Id",
+ "maxLength": 32
+ },
+ "widget": {
+ "$ref": "#/components/schemas/BrandingThemeWidget"
+ }
+ }
+ },
+ "GetBreachedPasswordDetectionSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether or not breached password detection is active.",
+ "default": true
+ },
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a breached password is detected during a login.\n Possible values: block, user_notification, admin_notification.",
+ "items": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionShieldsEnum"
+ }
+ },
+ "admin_notification_frequency": {
+ "type": "array",
+ "description": "When \"admin_notification\" is enabled, determines how often email notifications are sent.\n Possible values: immediately, daily, weekly, monthly.",
+ "items": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionAdminNotificationFrequencyEnum"
+ }
+ },
+ "method": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionMethodEnum"
+ },
+ "stage": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionStage"
+ }
+ }
+ },
+ "GetBruteForceSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether or not brute force attack protections are active."
+ },
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a brute force protection threshold is violated.\n Possible values: block, user_notification.",
+ "items": {
+ "type": "string",
+ "enum": [
+ "block",
+ "user_notification"
+ ]
+ }
+ },
+ "allowlist": {
+ "type": "array",
+ "description": "List of trusted IP addresses that will not have attack protection enforced against them.",
+ "items": {
+ "type": "string",
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "ipv4"
+ },
+ {
+ "type": "string",
+ "format": "cidr"
+ },
+ {
+ "type": "string",
+ "format": "ipv6"
+ },
+ {
+ "type": "string",
+ "format": "ipv6_cidr"
+ }
+ ]
+ }
+ },
+ "mode": {
+ "type": "string",
+ "description": "Account Lockout: Determines whether or not IP address is used when counting failed attempts.\n Possible values: count_per_identifier_and_ip, count_per_identifier.",
+ "default": "count_per_identifier_and_ip",
+ "enum": [
+ "count_per_identifier_and_ip",
+ "count_per_identifier"
+ ]
+ },
+ "max_attempts": {
+ "type": "integer",
+ "description": "Maximum number of unsuccessful attempts.",
+ "default": 10
+ }
+ }
+ },
+ "GetClientCredentialResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of the credential. Generated on creation.",
+ "default": "cred_1m7sfABoNTTKYwTQ8qt6tX"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name given to the credential by the user.",
+ "default": ""
+ },
+ "kid": {
+ "type": "string",
+ "description": "The key identifier of the credential, generated on creation.",
+ "default": "IZSSTECp..."
+ },
+ "alg": {
+ "$ref": "#/components/schemas/ClientCredentialAlgorithmEnum"
+ },
+ "credential_type": {
+ "$ref": "#/components/schemas/ClientCredentialTypeEnum"
+ },
+ "subject_dn": {
+ "type": "string",
+ "description": "The X509 certificate's Subject Distinguished Name"
+ },
+ "thumbprint_sha256": {
+ "type": "string",
+ "description": "The X509 certificate's SHA256 thumbprint"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date the credential was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date the credential was updated.",
+ "format": "date-time"
+ },
+ "expires_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date representing the expiration of the credential.",
+ "format": "date-time"
+ }
+ }
+ },
+ "GetClientResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "client_id": {
+ "type": "string",
+ "description": "ID of this client.",
+ "default": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"
+ },
+ "tenant": {
+ "type": "string",
+ "description": "Name of the tenant this client belongs to.",
+ "default": ""
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this client (min length: 1 character, does not allow `<` or `>`).",
+ "default": "My application"
+ },
+ "description": {
+ "type": "string",
+ "description": "Free text description of this client (max length: 140 characters).",
+ "default": ""
+ },
+ "global": {
+ "type": "boolean",
+ "description": "Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false).",
+ "default": false
+ },
+ "client_secret": {
+ "type": "string",
+ "description": "Client secret (which you must not make public).",
+ "default": "MG_TNT2ver-SylNat-_VeMmd-4m0Waba0jr1troztBniSChEw0glxEmgEi2Kw40H"
+ },
+ "app_type": {
+ "$ref": "#/components/schemas/ClientAppTypeEnum"
+ },
+ "logo_uri": {
+ "type": "string",
+ "description": "URL of the logo to display for this client. Recommended size is 150x150 pixels."
+ },
+ "is_first_party": {
+ "type": "boolean",
+ "description": "Whether this client a first party client (true) or not (false).",
+ "default": false
+ },
+ "oidc_conformant": {
+ "type": "boolean",
+ "description": "Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false).",
+ "default": false
+ },
+ "callbacks": {
+ "type": "array",
+ "description": "Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_origins": {
+ "type": "array",
+ "description": "Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "web_origins": {
+ "type": "array",
+ "description": "Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "client_aliases": {
+ "type": "array",
+ "description": "List of audiences/realms for SAML protocol. Used by the wsfed addon.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_clients": {
+ "type": "array",
+ "description": "List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "session_transfer": {
+ "$ref": "#/components/schemas/ClientSessionTransferConfiguration"
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSettings"
+ },
+ "grant_types": {
+ "type": "array",
+ "description": "List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "jwt_configuration": {
+ "$ref": "#/components/schemas/ClientJwtConfiguration"
+ },
+ "signing_keys": {
+ "$ref": "#/components/schemas/ClientSigningKeys"
+ },
+ "encryption_key": {
+ "$ref": "#/components/schemas/ClientEncryptionKey"
+ },
+ "sso": {
+ "type": "boolean",
+ "description": "Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false).",
+ "default": false
+ },
+ "sso_disabled": {
+ "type": "boolean",
+ "description": "Whether Single Sign On is disabled (true) or enabled (true). Defaults to true.",
+ "default": false
+ },
+ "cross_origin_authentication": {
+ "type": "boolean",
+ "description": "Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."
+ },
+ "cross_origin_loc": {
+ "type": "string",
+ "description": "URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page.",
+ "format": "url"
+ },
+ "custom_login_page_on": {
+ "type": "boolean",
+ "description": "Whether a custom login page is to be used (true) or the default provided login page (false).",
+ "default": true
+ },
+ "custom_login_page": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page.",
+ "default": ""
+ },
+ "custom_login_page_preview": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page. (Used on Previews)",
+ "default": ""
+ },
+ "form_template": {
+ "type": "string",
+ "description": "HTML form template to be used for WS-Federation.",
+ "default": ""
+ },
+ "addons": {
+ "$ref": "#/components/schemas/ClientAddons"
+ },
+ "token_endpoint_auth_method": {
+ "$ref": "#/components/schemas/ClientTokenEndpointAuthMethodEnum"
+ },
+ "client_metadata": {
+ "$ref": "#/components/schemas/ClientMetadata"
+ },
+ "mobile": {
+ "$ref": "#/components/schemas/ClientMobile"
+ },
+ "initiate_login_uri": {
+ "type": "string",
+ "description": "Initiate login uri, must be https",
+ "format": "absolute-https-uri-or-empty"
+ },
+ "native_social_login": {},
+ "refresh_token": {
+ "$ref": "#/components/schemas/ClientRefreshTokenConfiguration"
+ },
+ "default_organization": {
+ "$ref": "#/components/schemas/ClientDefaultOrganization"
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientOrganizationUsageEnum"
+ },
+ "organization_require_behavior": {
+ "$ref": "#/components/schemas/ClientOrganizationRequireBehaviorEnum"
+ },
+ "client_authentication_methods": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethod"
+ },
+ "require_pushed_authorization_requests": {
+ "type": "boolean",
+ "description": "Makes the use of Pushed Authorization Requests mandatory for this client",
+ "default": false
+ },
+ "require_proof_of_possession": {
+ "type": "boolean",
+ "description": "Makes the use of Proof-of-Possession mandatory for this client",
+ "default": false
+ },
+ "signed_request_object": {
+ "$ref": "#/components/schemas/ClientSignedRequestObjectWithCredentialId"
+ },
+ "compliance_level": {
+ "$ref": "#/components/schemas/ClientComplianceLevelEnum"
+ },
+ "par_request_expiry": {
+ "type": [
+ "integer",
+ "null"
+ ],
+ "description": "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/TokenQuota"
+ }
+ }
+ },
+ "GetConnectionEnabledClientsResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "clients"
+ ],
+ "properties": {
+ "clients": {
+ "type": "array",
+ "description": "Clients for which the connection is enabled",
+ "items": {
+ "$ref": "#/components/schemas/ConnectionEnabledClient"
+ }
+ },
+ "next": {
+ "type": "string",
+ "description": "Encoded next token"
+ }
+ }
+ },
+ "GetConnectionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the connection",
+ "default": "My connection"
+ },
+ "display_name": {
+ "type": "string",
+ "description": "Connection name used in login screen"
+ },
+ "options": {
+ "$ref": "#/components/schemas/ConnectionOptions"
+ },
+ "id": {
+ "type": "string",
+ "description": "The connection's identifier",
+ "default": "con_0000000000000001"
+ },
+ "strategy": {
+ "type": "string",
+ "description": "The type of the connection, related to the identity provider",
+ "default": "auth0"
+ },
+ "realms": {
+ "type": "array",
+ "description": "Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm.",
+ "items": {
+ "type": "string",
+ "description": "The realm where this connection belongs",
+ "format": "connection-realm"
+ }
+ },
+ "enabled_clients": {
+ "type": "array",
+ "description": "DEPRECATED property. Use the GET /connections/:id/clients endpoint to get the ids of the clients for which the connection is enabled",
+ "x-release-lifecycle": "deprecated",
+ "items": {
+ "type": "string",
+ "description": "The client id"
+ }
+ },
+ "is_domain_connection": {
+ "type": "boolean",
+ "description": "True if the connection is domain level"
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD."
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/ConnectionsMetadata"
+ }
+ }
+ },
+ "GetCustomDomainResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "custom_domain_id",
+ "domain",
+ "primary",
+ "status",
+ "type"
+ ],
+ "properties": {
+ "custom_domain_id": {
+ "type": "string",
+ "description": "ID of the custom domain.",
+ "default": "cd_0000000000000001"
+ },
+ "domain": {
+ "type": "string",
+ "description": "Domain name.",
+ "default": "login.mycompany.com"
+ },
+ "primary": {
+ "type": "boolean",
+ "description": "Whether this is a primary domain (true) or not (false).",
+ "default": false
+ },
+ "type": {
+ "$ref": "#/components/schemas/CustomDomainTypeEnum"
+ },
+ "origin_domain_name": {
+ "type": "string",
+ "description": "Intermediate address.",
+ "default": "mycompany_cd_0000000000000001.edge.tenants.auth0.com"
+ },
+ "verification": {
+ "$ref": "#/components/schemas/DomainVerification"
+ },
+ "custom_client_ip_header": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "The HTTP header to fetch the client's IP address"
+ },
+ "tls_policy": {
+ "type": "string",
+ "description": "The TLS version policy",
+ "default": "recommended"
+ }
+ }
+ },
+ "GetCustomSigningKeysResponseContent": {
+ "type": "object",
+ "description": "JWKS representing an array of custom public signing keys.",
+ "additionalProperties": false,
+ "properties": {
+ "keys": {
+ "type": "array",
+ "description": "An array of custom public signing keys.",
+ "items": {
+ "$ref": "#/components/schemas/CustomSigningKeyJWK"
+ }
+ }
+ }
+ },
+ "GetCustomTextsByLanguageResponseContent": {
+ "type": "object",
+ "description": "An object containing custom dictionaries for a group of screens.",
+ "additionalProperties": true
+ },
+ "GetEmailProviderResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`.",
+ "default": "sendgrid"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether the provider is enabled (true) or disabled (false).",
+ "default": true
+ },
+ "default_from_address": {
+ "type": "string",
+ "description": "Email address to use as \"from\" when no other address specified."
+ },
+ "credentials": {
+ "$ref": "#/components/schemas/EmailProviderCredentials"
+ },
+ "settings": {
+ "$ref": "#/components/schemas/EmailProviderSettings"
+ }
+ }
+ },
+ "GetEmailTemplateResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "template": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ },
+ "body": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Body of the email template."
+ },
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Senders `from` email address.",
+ "default": "sender@auth0.com"
+ },
+ "resultUrl": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL to redirect the user to after a successful action."
+ },
+ "subject": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Subject line of the email."
+ },
+ "syntax": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Syntax of the template body.",
+ "default": "liquid"
+ },
+ "urlLifetimeInSeconds": {
+ "type": [
+ "number",
+ "null"
+ ],
+ "description": "Lifetime in seconds that the link within the email will be valid for."
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true."
+ },
+ "enabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether the template is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "GetEncryptionKeyResponseContent": {
+ "type": "object",
+ "description": "Encryption key",
+ "additionalProperties": false,
+ "required": [
+ "kid",
+ "type",
+ "state",
+ "created_at",
+ "updated_at",
+ "parent_kid"
+ ],
+ "properties": {
+ "kid": {
+ "type": "string",
+ "description": "Key ID"
+ },
+ "type": {
+ "$ref": "#/components/schemas/EncryptionKeyType"
+ },
+ "state": {
+ "$ref": "#/components/schemas/EncryptionKeyState"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Key creation timestamp",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "Key update timestamp",
+ "format": "date-time"
+ },
+ "parent_kid": {
+ "type": "string",
+ "description": "ID of parent wrapping key"
+ },
+ "public_key": {
+ "type": "string",
+ "description": "Public key in PEM format"
+ }
+ }
+ },
+ "GetEventStreamDeliveryHistoryResponseContent": {
+ "type": "object",
+ "description": "Metadata about a specific attempt to deliver an event",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "event_stream_id",
+ "status",
+ "event_type",
+ "attempts"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Unique identifier for the delivery"
+ },
+ "event_stream_id": {
+ "type": "string",
+ "description": "Unique identifier for the event stream.",
+ "minLength": 26,
+ "maxLength": 26,
+ "format": "event-stream-id"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamDeliveryStatusEnum"
+ },
+ "event_type": {
+ "$ref": "#/components/schemas/EventStreamDeliveryEventTypeEnum"
+ },
+ "attempts": {
+ "type": "array",
+ "description": "Results of delivery attempts",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamDeliveryAttempt"
+ }
+ },
+ "event": {
+ "$ref": "#/components/schemas/EventStreamCloudEvent"
+ }
+ }
+ },
+ "GetEventStreamResponseContent": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/EventStreamWebhookResponseContent"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamEventBridgeResponseContent"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamActionResponseContent"
+ }
+ ]
+ },
+ "GetFlowExecutionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "trace_id",
+ "status",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Flow execution identifier",
+ "maxLength": 30,
+ "format": "flow-execution-id"
+ },
+ "trace_id": {
+ "type": "string",
+ "description": "Trace id",
+ "minLength": 1,
+ "maxLength": 50
+ },
+ "journey_id": {
+ "type": "string",
+ "description": "Journey id",
+ "minLength": 1,
+ "maxLength": 50
+ },
+ "status": {
+ "type": "string",
+ "description": "Execution status",
+ "minLength": 1,
+ "maxLength": 50
+ },
+ "debug": {
+ "$ref": "#/components/schemas/FlowExecutionDebug"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this flow execution was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this flow execution was updated.",
+ "format": "date-time"
+ },
+ "started_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this flow execution started.",
+ "format": "date-time"
+ },
+ "ended_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this flow execution ended.",
+ "format": "date-time"
+ }
+ }
+ },
+ "GetFlowRequestParametersHydrateEnum": {
+ "type": "string",
+ "maxLength": 50,
+ "enum": [
+ "form_count",
+ "forms"
+ ]
+ },
+ "GetFlowResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "name",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flow-id"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "actions": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowAction"
+ }
+ },
+ "created_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "executed_at": {
+ "type": "string",
+ "format": "date"
+ }
+ }
+ },
+ "GetFlowsVaultConnectionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "app_id",
+ "name",
+ "ready",
+ "created_at",
+ "updated_at",
+ "fingerprint"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Flows Vault Connection identifier.",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "app_id": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55
+ },
+ "environment": {
+ "type": "string",
+ "description": "Flows Vault Connection environment.",
+ "minLength": 1,
+ "maxLength": 55
+ },
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "account_name": {
+ "type": "string",
+ "description": "Flows Vault Connection custom account name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "ready": {
+ "type": "boolean",
+ "description": "Whether the Flows Vault Connection is configured."
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was updated.",
+ "format": "date-time"
+ },
+ "refreshed_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was refreshed.",
+ "format": "date-time"
+ },
+ "fingerprint": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "GetFormResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "name",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "form-id"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "messages": {
+ "$ref": "#/components/schemas/FormMessages"
+ },
+ "languages": {
+ "$ref": "#/components/schemas/FormLanguages"
+ },
+ "translations": {
+ "$ref": "#/components/schemas/FormTranslations"
+ },
+ "nodes": {
+ "$ref": "#/components/schemas/FormNodeList"
+ },
+ "start": {
+ "$ref": "#/components/schemas/FormStartNode"
+ },
+ "ending": {
+ "$ref": "#/components/schemas/FormEndingNode"
+ },
+ "style": {
+ "$ref": "#/components/schemas/FormStyle"
+ },
+ "created_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "embedded_at": {
+ "type": "string",
+ "format": "date"
+ },
+ "submitted_at": {
+ "type": "string",
+ "format": "date"
+ }
+ }
+ },
+ "GetGuardianEnrollmentResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID for this enrollment.",
+ "default": "dev_0000000000000001"
+ },
+ "status": {
+ "$ref": "#/components/schemas/GuardianEnrollmentStatus"
+ },
+ "name": {
+ "type": "string",
+ "description": "Device name (only for push notification).",
+ "default": "iPhone 7",
+ "minLength": 1,
+ "maxLength": 20
+ },
+ "identifier": {
+ "type": "string",
+ "description": "Device identifier. This is usually the phone identifier.",
+ "default": "76dc-a90c-a88c-a90c-a88c-a88c-a90c"
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Phone number.",
+ "default": "+1 999999999999"
+ },
+ "enrolled_at": {
+ "$ref": "#/components/schemas/GuardianEnrollmentDate"
+ },
+ "last_auth": {
+ "$ref": "#/components/schemas/GuardianEnrollmentDate"
+ }
+ }
+ },
+ "GetGuardianFactorDuoSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "ikey": {
+ "type": "string",
+ "maxLength": 10000
+ },
+ "skey": {
+ "type": "string",
+ "maxLength": 10000,
+ "format": "non-empty-string"
+ },
+ "host": {
+ "type": "string",
+ "maxLength": 10000
+ }
+ }
+ },
+ "GetGuardianFactorPhoneMessageTypesResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "message_types": {
+ "type": "array",
+ "description": "The list of phone factors to enable on the tenant. Can include `sms` and `voice`.",
+ "items": {
+ "$ref": "#/components/schemas/GuardianFactorPhoneFactorMessageTypeEnum"
+ }
+ }
+ }
+ },
+ "GetGuardianFactorPhoneTemplatesResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "enrollment_message",
+ "verification_message"
+ ],
+ "properties": {
+ "enrollment_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are invited to enroll with a phone number.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment."
+ },
+ "verification_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are prompted to verify their account.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}"
+ }
+ }
+ },
+ "GetGuardianFactorSmsTemplatesResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "enrollment_message",
+ "verification_message"
+ ],
+ "properties": {
+ "enrollment_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are invited to enroll with a phone number.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment."
+ },
+ "verification_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are prompted to verify their account.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}"
+ }
+ }
+ },
+ "GetGuardianFactorsProviderApnsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "bundle_id": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 20
+ },
+ "sandbox": {
+ "type": "boolean"
+ },
+ "enabled": {
+ "type": "boolean"
+ }
+ }
+ },
+ "GetGuardianFactorsProviderPhoneResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderSmsProviderEnum"
+ }
+ }
+ },
+ "GetGuardianFactorsProviderPhoneTwilioResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "From number",
+ "default": "+1223323",
+ "minLength": 0,
+ "maxLength": 64
+ },
+ "messaging_service_sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Copilot SID",
+ "default": "5dEkAiHLPCuQ1uJj4qNXcAnERFAL6cpq",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "auth_token": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio Authentication token",
+ "default": "zw5Ku6z2sxhd0ZVXto5SDHX6KPDByJPU",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio SID",
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "GetGuardianFactorsProviderPushNotificationResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderPushNotificationProviderDataEnum"
+ }
+ }
+ },
+ "GetGuardianFactorsProviderSmsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderSmsProviderEnum"
+ }
+ }
+ },
+ "GetGuardianFactorsProviderSmsTwilioResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "From number",
+ "default": "+1223323",
+ "minLength": 0,
+ "maxLength": 64
+ },
+ "messaging_service_sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Copilot SID",
+ "default": "5dEkAiHLPCuQ1uJj4qNXcAnERFAL6cpq",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "auth_token": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio Authentication token",
+ "default": "zw5Ku6z2sxhd0ZVXto5SDHX6KPDByJPU",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio SID",
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "GetGuardianFactorsProviderSnsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "aws_access_key_id": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_secret_access_key": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "B1ER5JHDGJL3C4sVAKK7SBsq806R3IpL",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_region": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "us-west-1",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_apns_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_gcm_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "urn://yRMeBxgcCXh8MeTXPBAxhQnm6gP6f5nP",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "GetHookResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "triggerId": {
+ "type": "string",
+ "description": "Trigger ID"
+ },
+ "id": {
+ "type": "string",
+ "description": "ID of this hook.",
+ "default": "00001"
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this hook.",
+ "default": "hook"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether this hook will be executed (true) or ignored (false).",
+ "default": true
+ },
+ "script": {
+ "type": "string",
+ "description": "Code to be executed when this hook runs.",
+ "default": "module.exports = function(client, scope, audience, context, cb) cb(null, access_token); };"
+ },
+ "dependencies": {
+ "$ref": "#/components/schemas/HookDependencies"
+ }
+ }
+ },
+ "GetHookSecretResponseContent": {
+ "type": "object",
+ "description": "Hashmap of key-value pairs where the value must be a string.",
+ "additionalProperties": true
+ },
+ "GetJobErrorResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "user": {
+ "$ref": "#/components/schemas/GetJobUserError"
+ },
+ "errors": {
+ "type": "array",
+ "description": "Errors importing the user.",
+ "items": {
+ "$ref": "#/components/schemas/GetJobImportUserError"
+ }
+ }
+ }
+ },
+ "GetJobGenericErrorResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "id",
+ "type",
+ "status"
+ ],
+ "properties": {
+ "status": {
+ "type": "string",
+ "description": "Status of this job.",
+ "default": "pending"
+ },
+ "type": {
+ "type": "string",
+ "description": "Type of job this is.",
+ "default": "users_import"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "When this job was created."
+ },
+ "id": {
+ "type": "string",
+ "description": "ID of this job.",
+ "default": "job_0000000000000001"
+ },
+ "connection_id": {
+ "type": "string",
+ "description": "connection_id of the connection this job uses.",
+ "default": "con_0000000000000001"
+ },
+ "status_details": {
+ "type": "string",
+ "description": "Status details."
+ }
+ }
+ },
+ "GetJobImportUserError": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "code": {
+ "type": "string",
+ "description": "Error code."
+ },
+ "message": {
+ "type": "string",
+ "description": "Error message."
+ },
+ "path": {
+ "type": "string",
+ "description": "Error field."
+ }
+ }
+ },
+ "GetJobResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "id",
+ "type",
+ "status"
+ ],
+ "properties": {
+ "status": {
+ "type": "string",
+ "description": "Status of this job.",
+ "default": "pending"
+ },
+ "type": {
+ "type": "string",
+ "description": "Type of job this is.",
+ "default": "users_import"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "When this job was created."
+ },
+ "id": {
+ "type": "string",
+ "description": "ID of this job.",
+ "default": "job_0000000000000001"
+ },
+ "connection_id": {
+ "type": "string",
+ "description": "connection_id of the connection this job uses.",
+ "default": "con_0000000000000001"
+ },
+ "location": {
+ "type": "string",
+ "description": "URL to download the result of this job."
+ },
+ "percentage_done": {
+ "type": "integer",
+ "description": "Completion percentage of this job."
+ },
+ "time_left_seconds": {
+ "type": "integer",
+ "description": "Estimated time remaining before job completes."
+ },
+ "format": {
+ "$ref": "#/components/schemas/JobFileFormatEnum"
+ },
+ "status_details": {
+ "type": "string",
+ "description": "Status details."
+ }
+ }
+ },
+ "GetJobUserError": {
+ "type": "object",
+ "description": "User, as provided in the import file",
+ "additionalProperties": true
+ },
+ "GetLogResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "date": {
+ "$ref": "#/components/schemas/LogDate"
+ },
+ "type": {
+ "type": "string",
+ "description": "Type of event.",
+ "default": "sapi"
+ },
+ "description": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Description of this event."
+ },
+ "connection": {
+ "type": "string",
+ "description": "Name of the connection the event relates to."
+ },
+ "connection_id": {
+ "type": "string",
+ "description": "ID of the connection the event relates to."
+ },
+ "client_id": {
+ "type": "string",
+ "description": "ID of the client (application).",
+ "default": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"
+ },
+ "client_name": {
+ "type": "string",
+ "description": "Name of the client (application).",
+ "default": "My application Name"
+ },
+ "ip": {
+ "type": "string",
+ "description": "IP address of the log event source.",
+ "default": "190.257.209.19"
+ },
+ "hostname": {
+ "type": "string",
+ "description": "Hostname the event applies to.",
+ "default": "190.257.209.19"
+ },
+ "user_id": {
+ "type": "string",
+ "description": "ID of the user involved in the event.",
+ "default": "auth0|56c75c4e42b6359e98374bc2"
+ },
+ "user_name": {
+ "type": "string",
+ "description": "Name of the user involved in the event."
+ },
+ "audience": {
+ "type": "string",
+ "description": "API audience the event applies to."
+ },
+ "scope": {
+ "type": "string",
+ "description": "Scope permissions applied to the event.",
+ "default": ""
+ },
+ "strategy": {
+ "type": "string",
+ "description": "Name of the strategy involved in the event."
+ },
+ "strategy_type": {
+ "type": "string",
+ "description": "Type of strategy involved in the event."
+ },
+ "log_id": {
+ "type": "string",
+ "description": "Unique ID of the event."
+ },
+ "isMobile": {
+ "type": "boolean",
+ "description": "Whether the client was a mobile device (true) or desktop/laptop/server (false)."
+ },
+ "details": {
+ "$ref": "#/components/schemas/LogDetails"
+ },
+ "user_agent": {
+ "type": "string",
+ "description": "User agent string from the client device that caused the event."
+ },
+ "security_context": {
+ "$ref": "#/components/schemas/LogSecurityContext"
+ },
+ "location_info": {
+ "$ref": "#/components/schemas/LogLocationInfo"
+ }
+ }
+ },
+ "GetLogStreamResponseContent": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/LogStreamHttpResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamEventBridgeResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamEventGridResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamDatadogResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamSplunkResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamSumoResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamSegmentResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamMixpanelResponseSchema"
+ }
+ ]
+ },
+ "GetNetworkAclsResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "description": {
+ "type": "string"
+ },
+ "active": {
+ "type": "boolean"
+ },
+ "priority": {
+ "type": "number"
+ },
+ "rule": {
+ "$ref": "#/components/schemas/NetworkAclRule"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The timestamp when the Network ACL Configuration was created"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The timestamp when the Network ACL Configuration was last updated"
+ }
+ }
+ },
+ "GetOrganizationByNameResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Organization identifier.",
+ "maxLength": 50,
+ "format": "organization-id"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of this organization.",
+ "default": "organization-1",
+ "minLength": 1,
+ "maxLength": 50,
+ "format": "organization-name"
+ },
+ "display_name": {
+ "type": "string",
+ "description": "Friendly name of this organization.",
+ "default": "Acme Users",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "branding": {
+ "$ref": "#/components/schemas/OrganizationBranding"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/OrganizationMetadata"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/TokenQuota"
+ }
+ }
+ },
+ "GetOrganizationConnectionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "description": "ID of the connection."
+ },
+ "assign_membership_on_login": {
+ "type": "boolean",
+ "description": "When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection."
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true."
+ },
+ "is_signup_enabled": {
+ "type": "boolean",
+ "description": "Determines whether organization signup should be enabled for this organization connection. Only applicable for database connections. Default: false."
+ },
+ "connection": {
+ "$ref": "#/components/schemas/OrganizationConnectionInformation"
+ }
+ }
+ },
+ "GetOrganizationDiscoveryDomainResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "domain",
+ "status",
+ "verification_txt",
+ "verification_host"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Organization discovery domain identifier.",
+ "format": "organization-discovery-domain-id"
+ },
+ "domain": {
+ "type": "string",
+ "description": "The domain name to associate with the organization e.g. acme.com.",
+ "minLength": 3,
+ "maxLength": 255
+ },
+ "status": {
+ "$ref": "#/components/schemas/OrganizationDiscoveryDomainStatus"
+ },
+ "verification_txt": {
+ "type": "string",
+ "description": "A unique token generated for the discovery domain. This must be placed in a DNS TXT record at the location specified by the verification_host field to prove domain ownership."
+ },
+ "verification_host": {
+ "type": "string",
+ "description": "The full domain where the TXT record should be added."
+ }
+ }
+ },
+ "GetOrganizationDiscoveryDomainsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "domains"
+ ],
+ "properties": {
+ "next": {
+ "type": "string"
+ },
+ "domains": {
+ "$ref": "#/components/schemas/GetOrganizationDiscoveryDomainsResponseDomains"
+ }
+ }
+ },
+ "GetOrganizationDiscoveryDomainsResponseDomains": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "domain",
+ "status",
+ "verification_txt",
+ "verification_host"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Organization discovery domain identifier.",
+ "format": "organization-discovery-domain-id"
+ },
+ "domain": {
+ "type": "string",
+ "description": "The domain name to associate with the organization e.g. acme.com.",
+ "minLength": 3,
+ "maxLength": 255
+ },
+ "status": {
+ "$ref": "#/components/schemas/OrganizationDiscoveryDomainStatus"
+ },
+ "verification_txt": {
+ "type": "string",
+ "description": "A unique token generated for the discovery domain. This must be placed in a DNS TXT record at the location specified by the verification_host field to prove domain ownership."
+ },
+ "verification_host": {
+ "type": "string",
+ "description": "The full domain where the TXT record should be added."
+ }
+ }
+ }
+ },
+ "GetOrganizationInvitationResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The id of the user invitation.",
+ "default": "uinv_0000000000000001",
+ "format": "user-invitation-id"
+ },
+ "organization_id": {
+ "type": "string",
+ "description": "Organization identifier.",
+ "maxLength": 50,
+ "format": "organization-id"
+ },
+ "inviter": {
+ "$ref": "#/components/schemas/OrganizationInvitationInviter"
+ },
+ "invitee": {
+ "$ref": "#/components/schemas/OrganizationInvitationInvitee"
+ },
+ "invitation_url": {
+ "type": "string",
+ "description": "The invitation url to be send to the invitee.",
+ "default": "https://mycompany.org/login?invitation=f81dWWYW6gzGGicxT8Ha0txBkGNcAcYr&organization=org_0000000000000001&organization_name=acme",
+ "format": "strict-https-uri"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted timestamp representing the creation time of the invitation.",
+ "default": "2020-08-20T19:10:06.299Z",
+ "format": "date-time"
+ },
+ "expires_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted timestamp representing the expiration time of the invitation.",
+ "default": "2020-08-27T19:10:06.299Z",
+ "format": "date-time"
+ },
+ "client_id": {
+ "type": "string",
+ "description": "Auth0 client ID. Used to resolve the application's login initiation endpoint.",
+ "default": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww",
+ "format": "client-id"
+ },
+ "connection_id": {
+ "type": "string",
+ "description": "The id of the connection to force invitee to authenticate with.",
+ "default": "con_0000000000000001",
+ "format": "connection-id"
+ },
+ "app_metadata": {
+ "$ref": "#/components/schemas/AppMetadata"
+ },
+ "user_metadata": {
+ "$ref": "#/components/schemas/UserMetadata"
+ },
+ "roles": {
+ "type": "array",
+ "description": "List of roles IDs to associated with the user.",
+ "items": {
+ "type": "string",
+ "format": "role-id"
+ }
+ },
+ "ticket_id": {
+ "type": "string",
+ "description": "The id of the invitation ticket",
+ "format": "ticket-id"
+ }
+ }
+ },
+ "GetOrganizationResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Organization identifier.",
+ "maxLength": 50,
+ "format": "organization-id"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of this organization.",
+ "default": "organization-1",
+ "minLength": 1,
+ "maxLength": 50,
+ "format": "organization-name"
+ },
+ "display_name": {
+ "type": "string",
+ "description": "Friendly name of this organization.",
+ "default": "Acme Users",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "branding": {
+ "$ref": "#/components/schemas/OrganizationBranding"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/OrganizationMetadata"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/TokenQuota"
+ }
+ }
+ },
+ "GetPartialsResponseContent": {
+ "type": "object",
+ "description": "An object containing template partials for a group of screens.",
+ "additionalProperties": true
+ },
+ "GetPhoneTemplateResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "content",
+ "disabled",
+ "id",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "channel": {
+ "type": "string"
+ },
+ "customizable": {
+ "type": "boolean"
+ },
+ "tenant": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "content": {
+ "$ref": "#/components/schemas/PhoneTemplateContent"
+ },
+ "type": {
+ "$ref": "#/components/schemas/PhoneTemplateNotificationTypeEnum"
+ },
+ "disabled": {
+ "type": "boolean",
+ "description": "Whether the template is enabled (false) or disabled (true).",
+ "default": false
+ }
+ }
+ },
+ "GetRefreshTokenResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The ID of the refresh token"
+ },
+ "user_id": {
+ "type": "string",
+ "description": "ID of the user which can be used when interacting with other APIs.",
+ "default": "auth0|507f1f77bcf86cd799439020"
+ },
+ "created_at": {
+ "$ref": "#/components/schemas/RefreshTokenDate"
+ },
+ "idle_expires_at": {
+ "$ref": "#/components/schemas/RefreshTokenDate"
+ },
+ "expires_at": {
+ "$ref": "#/components/schemas/RefreshTokenDate"
+ },
+ "device": {
+ "$ref": "#/components/schemas/RefreshTokenDevice"
+ },
+ "client_id": {
+ "type": "string",
+ "description": "ID of the client application granted with this refresh token"
+ },
+ "session_id": {
+ "$ref": "#/components/schemas/RefreshTokenSessionId"
+ },
+ "rotating": {
+ "type": "boolean",
+ "description": "True if the token is a rotating refresh token"
+ },
+ "resource_servers": {
+ "type": "array",
+ "description": "A list of the resource server IDs associated to this refresh-token and their granted scopes",
+ "items": {
+ "$ref": "#/components/schemas/RefreshTokenResourceServer"
+ }
+ },
+ "last_exchanged_at": {
+ "$ref": "#/components/schemas/RefreshTokenDate"
+ }
+ }
+ },
+ "GetResourceServerResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of the API (resource server)."
+ },
+ "name": {
+ "type": "string",
+ "description": "Friendly name for this resource server. Can not contain `<` or `>` characters."
+ },
+ "is_system": {
+ "type": "boolean",
+ "description": "Whether this is an Auth0 system API (true) or a custom API (false)."
+ },
+ "identifier": {
+ "type": "string",
+ "description": "Unique identifier for the API used as the audience parameter on authorization calls. Can not be changed once set."
+ },
+ "scopes": {
+ "type": "array",
+ "description": "List of permissions (scopes) that this API uses.",
+ "items": {
+ "$ref": "#/components/schemas/ResourceServerScope"
+ }
+ },
+ "signing_alg": {
+ "$ref": "#/components/schemas/SigningAlgorithmEnum"
+ },
+ "signing_secret": {
+ "type": "string",
+ "description": "Secret used to sign tokens when using symmetric algorithms (HS256).",
+ "minLength": 16
+ },
+ "allow_offline_access": {
+ "type": "boolean",
+ "description": "Whether refresh tokens can be issued for this API (true) or not (false)."
+ },
+ "skip_consent_for_verifiable_first_party_clients": {
+ "type": "boolean",
+ "description": "Whether to skip user consent for applications flagged as first party (true) or not (false)."
+ },
+ "token_lifetime": {
+ "type": "integer",
+ "description": "Expiration value (in seconds) for access tokens issued for this API from the token endpoint."
+ },
+ "token_lifetime_for_web": {
+ "type": "integer",
+ "description": "Expiration value (in seconds) for access tokens issued for this API via Implicit or Hybrid Flows. Cannot be greater than the `token_lifetime` value."
+ },
+ "enforce_policies": {
+ "type": "boolean",
+ "description": "Whether authorization polices are enforced (true) or unenforced (false)."
+ },
+ "token_dialect": {
+ "$ref": "#/components/schemas/ResourceServerTokenDialectResponseEnum"
+ },
+ "token_encryption": {
+ "$ref": "#/components/schemas/ResourceServerTokenEncryption"
+ },
+ "consent_policy": {
+ "$ref": "#/components/schemas/ResourceServerConsentPolicyEnum"
+ },
+ "authorization_details": {
+ "type": "array",
+ "items": {}
+ },
+ "proof_of_possession": {
+ "$ref": "#/components/schemas/ResourceServerProofOfPossession"
+ },
+ "subject_type_authorization": {
+ "$ref": "#/components/schemas/ResourceServerSubjectTypeAuthorization"
+ }
+ }
+ },
+ "GetRoleResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID for this role."
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this role."
+ },
+ "description": {
+ "type": "string",
+ "description": "Description of this role."
+ }
+ }
+ },
+ "GetRuleResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of this rule.",
+ "default": "rule_1"
+ },
+ "id": {
+ "type": "string",
+ "description": "ID of this rule.",
+ "default": "con_0000000000000001"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether the rule is enabled (true), or disabled (false).",
+ "default": true
+ },
+ "script": {
+ "type": "string",
+ "description": "Code to be executed when this rule runs.",
+ "default": "function (user, context, callback) {\n callback(null, user, context);\n}"
+ },
+ "order": {
+ "type": "number",
+ "description": "Order that this rule should execute in relative to other rules. Lower-valued rules execute first.",
+ "default": 1
+ },
+ "stage": {
+ "type": "string",
+ "description": "Execution stage of this rule. Can be `login_success`, `login_failure`, or `pre_authorize`.",
+ "default": "login_success"
+ }
+ }
+ },
+ "GetScimConfigurationDefaultMappingResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "mapping": {
+ "type": "array",
+ "description": "The mapping between auth0 and SCIM",
+ "items": {
+ "$ref": "#/components/schemas/ScimMappingItem"
+ }
+ }
+ }
+ },
+ "GetScimConfigurationResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "description": "The connection's identifier"
+ },
+ "connection_name": {
+ "type": "string",
+ "description": "The connection's identifier"
+ },
+ "strategy": {
+ "type": "string",
+ "description": "The connection's strategy"
+ },
+ "tenant_name": {
+ "type": "string",
+ "description": "The tenant's name"
+ },
+ "user_id_attribute": {
+ "type": "string",
+ "description": "User ID attribute for generating unique user ids"
+ },
+ "mapping": {
+ "type": "array",
+ "description": "The mapping between auth0 and SCIM",
+ "items": {
+ "$ref": "#/components/schemas/ScimMappingItem"
+ }
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The Date Time Scim Configuration was created"
+ },
+ "updated_on": {
+ "type": "string",
+ "description": "The Date Time Scim Configuration was last updated"
+ }
+ }
+ },
+ "GetScimTokensResponseContent": {
+ "type": "array",
+ "description": "The list of scim tokens for scim clients",
+ "items": {
+ "$ref": "#/components/schemas/ScimTokenItem"
+ }
+ },
+ "GetSelfServiceProfileResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique ID of the self-service Profile.",
+ "default": "ssp_n7SNCL8seoyV1TuSTCnAeo"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of the self-service Profile."
+ },
+ "description": {
+ "type": "string",
+ "description": "The description of the self-service Profile."
+ },
+ "user_attributes": {
+ "type": "array",
+ "description": "List of attributes to be mapped that will be shown to the user during the SS-SSO flow.",
+ "items": {
+ "$ref": "#/components/schemas/SelfServiceProfileUserAttribute"
+ }
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this self-service Profile was created.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when this self-service Profile was updated.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "branding": {
+ "$ref": "#/components/schemas/SelfServiceProfileBrandingProperties"
+ },
+ "allowed_strategies": {
+ "type": "array",
+ "description": "List of IdP strategies that will be shown to users during the Self-Service SSO flow. Possible values: [`oidc`, `samlp`, `waad`, `google-apps`, `adfs`, `okta`, `keycloak-samlp`, `pingfederate`]",
+ "items": {
+ "$ref": "#/components/schemas/SelfServiceProfileAllowedStrategyEnum"
+ }
+ }
+ }
+ },
+ "GetSessionResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The ID of the session"
+ },
+ "user_id": {
+ "type": "string",
+ "description": "ID of the user which can be used when interacting with other APIs."
+ },
+ "created_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "updated_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "authenticated_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "idle_expires_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "expires_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "last_interacted_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "device": {
+ "$ref": "#/components/schemas/SessionDeviceMetadata"
+ },
+ "clients": {
+ "type": "array",
+ "description": "List of client details for the session",
+ "items": {
+ "$ref": "#/components/schemas/SessionClientMetadata"
+ }
+ },
+ "authentication": {
+ "$ref": "#/components/schemas/SessionAuthenticationSignals"
+ },
+ "cookie": {
+ "$ref": "#/components/schemas/SessionCookieMetadata"
+ }
+ }
+ },
+ "GetSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "universal_login_experience": {
+ "$ref": "#/components/schemas/UniversalLoginExperienceEnum"
+ },
+ "identifier_first": {
+ "type": "boolean",
+ "description": "Whether identifier first is enabled or not"
+ },
+ "webauthn_platform_first_factor": {
+ "type": "boolean",
+ "description": "Use WebAuthn with Device Biometrics as the first authentication factor"
+ }
+ }
+ },
+ "GetSigningKeysResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "cert",
+ "kid",
+ "fingerprint",
+ "thumbprint"
+ ],
+ "properties": {
+ "kid": {
+ "type": "string",
+ "description": "The key id of the signing key",
+ "default": "21hi274Rp02112mgkUGma"
+ },
+ "cert": {
+ "type": "string",
+ "description": "The public certificate of the signing key",
+ "default": "-----BEGIN CERTIFICATE-----\r\nMIIDDTCCA...YiA0TQhAt8=\r\n-----END CERTIFICATE-----"
+ },
+ "pkcs7": {
+ "type": "string",
+ "description": "The public certificate of the signing key in pkcs7 format",
+ "default": "-----BEGIN PKCS7-----\r\nMIIDPA....t8xAA==\r\n-----END PKCS7-----"
+ },
+ "current": {
+ "type": "boolean",
+ "description": "True if the key is the the current key",
+ "default": true
+ },
+ "next": {
+ "type": "boolean",
+ "description": "True if the key is the the next key"
+ },
+ "previous": {
+ "type": "boolean",
+ "description": "True if the key is the the previous key"
+ },
+ "current_since": {
+ "$ref": "#/components/schemas/SigningKeysDate"
+ },
+ "current_until": {
+ "$ref": "#/components/schemas/SigningKeysDate"
+ },
+ "fingerprint": {
+ "type": "string",
+ "description": "The cert fingerprint",
+ "default": "CC:FB:DD:D8:9A:B5:DE:1B:F0:CC:36:D2:99:59:21:12:03:DD:A8:25"
+ },
+ "thumbprint": {
+ "type": "string",
+ "description": "The cert thumbprint",
+ "default": "CCFBDDD89AB5DE1BF0CC36D29959211203DDA825"
+ },
+ "revoked": {
+ "type": "boolean",
+ "description": "True if the key is revoked"
+ },
+ "revoked_at": {
+ "$ref": "#/components/schemas/SigningKeysDate"
+ }
+ }
+ },
+ "GetSupplementalSignalsResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "akamai_enabled": {
+ "type": "boolean",
+ "description": "Indicates if incoming Akamai Headers should be processed"
+ }
+ }
+ },
+ "GetSuspiciousIPThrottlingSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether or not suspicious IP throttling attack protections are active."
+ },
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a suspicious IP throttling threshold is violated.\n Possible values: block, admin_notification.",
+ "items": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingShieldsEnum"
+ }
+ },
+ "allowlist": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingAllowlist"
+ },
+ "stage": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingStage"
+ }
+ }
+ },
+ "GetTenantSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "change_password": {
+ "$ref": "#/components/schemas/TenantSettingsPasswordPage"
+ },
+ "guardian_mfa_page": {
+ "$ref": "#/components/schemas/TenantSettingsGuardianPage"
+ },
+ "default_audience": {
+ "type": "string",
+ "description": "Default audience for API authorization.",
+ "default": ""
+ },
+ "default_directory": {
+ "type": "string",
+ "description": "Name of connection used for password grants at the `/token`endpoint. The following connection types are supported: LDAP, AD, Database Connections, Passwordless, Windows Azure Active Directory, ADFS.",
+ "default": ""
+ },
+ "error_page": {
+ "$ref": "#/components/schemas/TenantSettingsErrorPage"
+ },
+ "device_flow": {
+ "$ref": "#/components/schemas/TenantSettingsDeviceFlow"
+ },
+ "default_token_quota": {
+ "$ref": "#/components/schemas/DefaultTokenQuota"
+ },
+ "flags": {
+ "$ref": "#/components/schemas/TenantSettingsFlags"
+ },
+ "friendly_name": {
+ "type": "string",
+ "description": "Friendly name for this tenant.",
+ "default": "My Company"
+ },
+ "picture_url": {
+ "type": "string",
+ "description": "URL of logo to be shown for this tenant (recommended size: 150x150)",
+ "default": "https://mycompany.org/logo.png",
+ "format": "absolute-uri-or-empty"
+ },
+ "support_email": {
+ "type": "string",
+ "description": "End-user support email address.",
+ "default": "support@mycompany.org",
+ "format": "email-or-empty"
+ },
+ "support_url": {
+ "type": "string",
+ "description": "End-user support URL.",
+ "default": "https://mycompany.org/support",
+ "format": "absolute-uri-or-empty"
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "URLs that are valid to redirect to after logout from Auth0.",
+ "items": {
+ "type": "string",
+ "format": "url"
+ }
+ },
+ "session_lifetime": {
+ "type": "number",
+ "description": "Number of hours a session will stay valid.",
+ "default": 168
+ },
+ "idle_session_lifetime": {
+ "type": "number",
+ "description": "Number of hours for which a session can be inactive before the user must log in again.",
+ "default": 72
+ },
+ "ephemeral_session_lifetime": {
+ "type": "number",
+ "description": "Number of hours an ephemeral (non-persistent) session will stay valid.",
+ "default": 72
+ },
+ "idle_ephemeral_session_lifetime": {
+ "type": "number",
+ "description": "Number of hours for which an ephemeral (non-persistent) session can be inactive before the user must log in again.",
+ "default": 24
+ },
+ "sandbox_version": {
+ "type": "string",
+ "description": "Selected sandbox version for the extensibility environment.",
+ "default": "22"
+ },
+ "legacy_sandbox_version": {
+ "type": "string",
+ "description": "Selected sandbox version for rules and hooks extensibility.",
+ "default": ""
+ },
+ "sandbox_versions_available": {
+ "type": "array",
+ "description": "Available sandbox versions for the extensibility environment.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "default_redirection_uri": {
+ "type": "string",
+ "description": "The default absolute redirection uri, must be https"
+ },
+ "enabled_locales": {
+ "type": "array",
+ "description": "Supported locales for the user interface.",
+ "items": {
+ "$ref": "#/components/schemas/SupportedLocales"
+ }
+ },
+ "session_cookie": {
+ "$ref": "#/components/schemas/SessionCookieSchema"
+ },
+ "sessions": {
+ "$ref": "#/components/schemas/TenantSettingsSessions"
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/TenantOIDCLogoutSettings"
+ },
+ "allow_organization_name_in_authentication_api": {
+ "type": "boolean",
+ "description": "Whether to accept an organization name instead of an ID on auth endpoints",
+ "default": false
+ },
+ "customize_mfa_in_postlogin_action": {
+ "type": "boolean",
+ "description": "Whether to enable flexible factors for MFA in the PostLogin action",
+ "default": false
+ },
+ "acr_values_supported": {
+ "type": "array",
+ "description": "Supported ACR values",
+ "items": {
+ "type": "string",
+ "format": "acr"
+ }
+ },
+ "mtls": {
+ "$ref": "#/components/schemas/TenantSettingsMTLS"
+ },
+ "pushed_authorization_requests_supported": {
+ "type": "boolean",
+ "description": "Enables the use of Pushed Authorization Requests",
+ "default": false
+ },
+ "authorization_response_iss_parameter_supported": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Supports iss parameter in authorization responses",
+ "default": false
+ }
+ }
+ },
+ "GetTokenExchangeProfileResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique ID of the token exchange profile.",
+ "format": "token-exchange-profile-id"
+ },
+ "name": {
+ "type": "string",
+ "description": "Friendly name of this profile.",
+ "default": "Token Exchange Profile 1",
+ "minLength": 3,
+ "maxLength": 50
+ },
+ "subject_token_type": {
+ "type": "string",
+ "description": "Subject token type for this profile. When receiving a token exchange request on the Authentication API, the corresponding token exchange profile with a matching subject_token_type will be executed. This must be a URI.",
+ "minLength": 8,
+ "maxLength": 100,
+ "format": "url"
+ },
+ "action_id": {
+ "type": "string",
+ "description": "The ID of the Custom Token Exchange action to execute for this profile, in order to validate the subject_token. The action must use the custom-token-exchange trigger.",
+ "minLength": 1,
+ "maxLength": 36
+ },
+ "type": {
+ "$ref": "#/components/schemas/TokenExchangeProfileTypeEnum"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this profile was created.",
+ "default": "2024-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when this profile was updated.",
+ "default": "2024-01-01T00:00:00.000Z",
+ "format": "date-time"
+ }
+ }
+ },
+ "GetUniversalLoginTemplate": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "body": {
+ "type": "string",
+ "description": "The custom page template for the New Universal Login Experience"
+ }
+ }
+ },
+ "GetUniversalLoginTemplateResponseContent": {
+ "type": "object",
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/GetUniversalLoginTemplate"
+ },
+ {
+ "type": "string",
+ "description": "The custom page template for the New Universal Login Experience"
+ }
+ ]
+ },
+ "GetUserAuthenticationMethodResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "created_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The ID of the authentication method (auto generated)"
+ },
+ "type": {
+ "$ref": "#/components/schemas/AuthenticationMethodTypeEnum"
+ },
+ "confirmed": {
+ "type": "boolean",
+ "description": "The authentication method status"
+ },
+ "name": {
+ "type": "string",
+ "description": "A human-readable label to identify the authentication method",
+ "maxLength": 20
+ },
+ "authentication_methods": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/UserAuthenticationMethodProperties"
+ }
+ },
+ "preferred_authentication_method": {
+ "$ref": "#/components/schemas/PreferredAuthenticationMethodEnum"
+ },
+ "link_id": {
+ "type": "string",
+ "description": "The ID of a linked authentication method. Linked authentication methods will be deleted together."
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Applies to phone authentication methods only. The destination phone number used to send verification codes via text and voice."
+ },
+ "email": {
+ "type": "string",
+ "description": "Applies to email and email-verification authentication methods only. The email address used to send verification messages."
+ },
+ "key_id": {
+ "type": "string",
+ "description": "Applies to webauthn authentication methods only. The ID of the generated credential."
+ },
+ "public_key": {
+ "type": "string",
+ "description": "Applies to webauthn authentication methods only. The public key."
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Authenticator creation date",
+ "format": "date-time"
+ },
+ "enrolled_at": {
+ "type": "string",
+ "description": "Enrollment date",
+ "format": "date-time"
+ },
+ "last_auth_at": {
+ "type": "string",
+ "description": "Last authentication",
+ "format": "date-time"
+ },
+ "credential_device_type": {
+ "type": "string",
+ "description": "Applies to passkeys only. The kind of device the credential is stored on as defined by backup eligibility. \"single_device\" credentials cannot be backed up and synced to another device, \"multi_device\" credentials can be backed up if enabled by the end-user."
+ },
+ "credential_backed_up": {
+ "type": "boolean",
+ "description": "Applies to passkeys only. Whether the credential was backed up."
+ },
+ "identity_user_id": {
+ "type": "string",
+ "description": "Applies to passkeys only. The ID of the user identity linked with the authentication method."
+ },
+ "user_agent": {
+ "type": "string",
+ "description": "Applies to passkeys only. The user-agent of the browser used to create the passkey."
+ }
+ }
+ },
+ "GetUserResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "user_id": {
+ "type": "string",
+ "description": "ID of the user which can be used when interacting with other APIs.",
+ "default": "auth0|507f1f77bcf86cd799439020"
+ },
+ "email": {
+ "type": "string",
+ "description": "Email address of this user.",
+ "default": "john.doe@gmail.com",
+ "format": "email"
+ },
+ "email_verified": {
+ "type": "boolean",
+ "description": "Whether this email address is verified (true) or unverified (false).",
+ "default": false
+ },
+ "username": {
+ "type": "string",
+ "description": "Username of this user.",
+ "default": "johndoe"
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Phone number for this user. Follows the E.164 recommendation.",
+ "default": "+199999999999999"
+ },
+ "phone_verified": {
+ "type": "boolean",
+ "description": "Whether this phone number has been verified (true) or not (false).",
+ "default": false
+ },
+ "created_at": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "updated_at": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "identities": {
+ "type": "array",
+ "description": "Array of user identity objects when accounts are linked.",
+ "items": {
+ "$ref": "#/components/schemas/UserIdentitySchema"
+ }
+ },
+ "app_metadata": {
+ "$ref": "#/components/schemas/UserAppMetadataSchema"
+ },
+ "user_metadata": {
+ "$ref": "#/components/schemas/UserMetadataSchema"
+ },
+ "picture": {
+ "type": "string",
+ "description": "URL to picture, photo, or avatar of this user."
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this user."
+ },
+ "nickname": {
+ "type": "string",
+ "description": "Preferred nickname or alias of this user."
+ },
+ "multifactor": {
+ "type": "array",
+ "description": "List of multi-factor authentication providers with which this user has enrolled.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "last_ip": {
+ "type": "string",
+ "description": "Last IP address from which this user logged in."
+ },
+ "last_login": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "logins_count": {
+ "type": "integer",
+ "description": "Total number of logins this user has performed."
+ },
+ "blocked": {
+ "type": "boolean",
+ "description": "Whether this user was blocked by an administrator (true) or is not (false)."
+ },
+ "given_name": {
+ "type": "string",
+ "description": "Given name/first name/forename of this user."
+ },
+ "family_name": {
+ "type": "string",
+ "description": "Family name/last name/surname of this user."
+ }
+ }
+ },
+ "GetVerifiableCredentialTemplateResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The id of the template.",
+ "default": "vct_0000000000000001"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of the template."
+ },
+ "type": {
+ "type": "string",
+ "description": "The type of the template.",
+ "default": "mdl"
+ },
+ "dialect": {
+ "type": "string",
+ "description": "The dialect of the template.",
+ "default": "simplified/1.0",
+ "maxLength": 255
+ },
+ "presentation": {
+ "$ref": "#/components/schemas/MdlPresentationRequest"
+ },
+ "custom_certificate_authority": {
+ "type": "string",
+ "description": "The custom certificate authority.",
+ "minLength": 1,
+ "maxLength": 4096
+ },
+ "well_known_trusted_issuers": {
+ "type": "string",
+ "description": "The well-known trusted issuers, comma separated.",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The date and time the template was created.",
+ "default": "2021-01-01T00:00:00Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The date and time the template was created.",
+ "default": "2021-01-01T00:00:00Z",
+ "format": "date-time"
+ }
+ }
+ },
+ "GuardianEnrollmentDate": {
+ "type": "string",
+ "description": "Enrollment date and time.",
+ "default": "2016-07-12T17:56:26.804Z"
+ },
+ "GuardianEnrollmentFactorEnum": {
+ "type": "string",
+ "description": "Optional. Specifies which factor the user must enroll with.true promotes to a domain-level connection so that third-party applications can use it. false does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to false.)"
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to false.)"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/ConnectionsMetadata"
+ },
+ "options": {
+ "$ref": "#/components/schemas/SelfServiceProfileSsoTicketConnectionOptions"
+ }
+ }
+ },
+ "SelfServiceProfileSsoTicketConnectionOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "The connection's options (depend on the connection strategy)",
+ "additionalProperties": false,
+ "properties": {
+ "icon_url": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL for the icon. Must use HTTPS.",
+ "format": "strict-https-uri-or-null"
+ },
+ "domain_aliases": {
+ "type": "array",
+ "description": "List of domain_aliases that can be authenticated in the Identity Provider",
+ "items": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ }
+ },
+ "idpinitiated": {
+ "$ref": "#/components/schemas/SelfServiceProfileSsoTicketIdpInitiatedOptions"
+ }
+ }
+ },
+ "SelfServiceProfileSsoTicketDomainAliasesConfig": {
+ "type": "object",
+ "description": "Configuration for the setup of the connection’s domain_aliases in the self-service SSO flow.",
+ "additionalProperties": false,
+ "required": [
+ "domain_verification"
+ ],
+ "properties": {
+ "domain_verification": {
+ "$ref": "#/components/schemas/SelfServiceProfileSsoTicketDomainVerificationEnum"
+ }
+ }
+ },
+ "SelfServiceProfileSsoTicketDomainVerificationEnum": {
+ "type": "string",
+ "description": "Whether the end user should complete the domain verification step. Possible values are 'none' (the step is not shown to the user), 'optional' (the user may add a domain alias in the domain verification step) or 'required' (the user must add a domain alias in order to enable the connection). Defaults to 'none'.",
+ "enum": [
+ "none",
+ "optional",
+ "required"
+ ]
+ },
+ "SelfServiceProfileSsoTicketEnabledOrganization": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "organization_id"
+ ],
+ "properties": {
+ "organization_id": {
+ "type": "string",
+ "description": "Organization identifier.",
+ "maxLength": 50,
+ "format": "organization-id"
+ },
+ "assign_membership_on_login": {
+ "type": "boolean",
+ "description": "When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection."
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true."
+ }
+ }
+ },
+ "SelfServiceProfileSsoTicketIdpInitiatedClientProtocolEnum": {
+ "type": "string",
+ "description": "The protocol used to connect to the the default application",
+ "enum": [
+ "samlp",
+ "wsfed",
+ "oauth2"
+ ]
+ },
+ "SelfServiceProfileSsoTicketIdpInitiatedOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Allows IdP-initiated login",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Enables IdP-initiated login for this connection"
+ },
+ "client_id": {
+ "type": "string",
+ "description": "Default application client_id user is redirected to after validated SAML response",
+ "format": "client-id"
+ },
+ "client_protocol": {
+ "$ref": "#/components/schemas/SelfServiceProfileSsoTicketIdpInitiatedClientProtocolEnum"
+ },
+ "client_authorizequery": {
+ "type": "string",
+ "description": "Query string options to customize the behaviour for OpenID Connect when idpinitiated.client_protocol is oauth2. Allowed parameters: redirect_uri, scope, response_type. For example, redirect_uri=https://jwt.io&scope=openid email&response_type=token",
+ "maxLength": 256
+ }
+ }
+ },
+ "SelfServiceProfileSsoTicketProvisioningConfig": {
+ "type": "object",
+ "description": "Configuration for the setup of Provisioning in the self-service flow.",
+ "additionalProperties": false,
+ "required": [
+ "scopes"
+ ],
+ "properties": {
+ "scopes": {
+ "type": "array",
+ "description": "The scopes of the SCIM tokens generated during the self-service flow.",
+ "items": {
+ "$ref": "#/components/schemas/SelfServiceProfileSsoTicketProvisioningScopeEnum"
+ }
+ },
+ "token_lifetime": {
+ "description": "Lifetime of the tokens in seconds. Must be greater than 900. If not provided, the tokens don't expire.",
+ "type": [
+ "integer",
+ "null"
+ ]
+ }
+ }
+ },
+ "SelfServiceProfileSsoTicketProvisioningScopeEnum": {
+ "type": "string",
+ "enum": [
+ "get:users",
+ "post:users",
+ "put:users",
+ "patch:users",
+ "delete:users"
+ ]
+ },
+ "SelfServiceProfileUserAttribute": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "name",
+ "description",
+ "is_optional"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Identifier of this attribute.",
+ "maxLength": 250
+ },
+ "description": {
+ "type": "string",
+ "description": "Description of this attribute."
+ },
+ "is_optional": {
+ "type": "boolean",
+ "description": "Determines if this attribute is required"
+ }
+ }
+ },
+ "SelfServiceProfileUserAttributes": {
+ "description": "List of attributes to be mapped that will be shown to the user during the SS-SSO flow.",
+ "type": [
+ "array",
+ "null"
+ ],
+ "items": {
+ "$ref": "#/components/schemas/SelfServiceProfileUserAttribute"
+ }
+ },
+ "SessionAuthenticationSignal": {
+ "type": "object",
+ "description": "Authentication signal details",
+ "additionalProperties": true,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "One of: \"federated\", \"passkey\", \"pwd\", \"sms\", \"email\", \"mfa\", \"mock\" or a custom method denoted by a URL"
+ },
+ "timestamp": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "^type$": {
+ "type": "string",
+ "description": "A specific MFA factor. Only present when \"name\" is set to \"mfa\""
+ }
+ }
+ },
+ "SessionAuthenticationSignals": {
+ "type": "object",
+ "description": "Details about authentication signals obtained during the login flow",
+ "additionalProperties": true,
+ "properties": {
+ "methods": {
+ "type": "array",
+ "description": "Contains the authentication methods a user has completed during their session",
+ "items": {
+ "$ref": "#/components/schemas/SessionAuthenticationSignal"
+ }
+ }
+ }
+ },
+ "SessionClientMetadata": {
+ "type": "object",
+ "description": "Client details",
+ "additionalProperties": true,
+ "properties": {
+ "client_id": {
+ "type": "string",
+ "description": "ID of client for the session"
+ }
+ }
+ },
+ "SessionCookieMetadata": {
+ "type": "object",
+ "description": "[Private Early Access] Session cookie configuration.",
+ "additionalProperties": true,
+ "properties": {
+ "mode": {
+ "$ref": "#/components/schemas/SessionCookieMetadataModeEnum"
+ }
+ }
+ },
+ "SessionCookieMetadataModeEnum": {
+ "type": "string",
+ "description": "[Private Early Access] The persistence mode of the session cookie. When set to \"non-persistent\" (ephemeral), the cookie will be deleted when the browser is closed. When set to \"persistent\", the cookie will be stored until it expires or is deleted by the user.",
+ "enum": [
+ "non-persistent",
+ "persistent"
+ ]
+ },
+ "SessionCookieModeEnum": {
+ "type": "string",
+ "description": "Behavior of the session cookie",
+ "default": "persistent",
+ "enum": [
+ "persistent",
+ "non-persistent"
+ ]
+ },
+ "SessionCookieSchema": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Session cookie configuration",
+ "additionalProperties": false,
+ "required": [
+ "mode"
+ ],
+ "properties": {
+ "mode": {
+ "$ref": "#/components/schemas/SessionCookieModeEnum"
+ }
+ }
+ },
+ "SessionDate": {
+ "oneOf": [
+ {
+ "type": "string",
+ "description": "The date and time when the session was created",
+ "format": "date-time"
+ },
+ {
+ "type": "object",
+ "description": "The date and time when the session was created",
+ "additionalProperties": true
+ },
+ {
+ "type": "null"
+ }
+ ]
+ },
+ "SessionDeviceMetadata": {
+ "type": "object",
+ "description": "Metadata related to the device used in the session",
+ "additionalProperties": true,
+ "properties": {
+ "initial_user_agent": {
+ "type": "string",
+ "description": "First user agent of the device from which this user logged in"
+ },
+ "initial_ip": {
+ "$ref": "#/components/schemas/SessionIp"
+ },
+ "initial_asn": {
+ "type": "string",
+ "description": "First autonomous system number associated with this session"
+ },
+ "last_user_agent": {
+ "type": "string",
+ "description": "Last user agent of the device from which this user logged in"
+ },
+ "last_ip": {
+ "$ref": "#/components/schemas/SessionIp"
+ },
+ "last_asn": {
+ "type": "string",
+ "description": "Last autonomous system number from which this user logged in"
+ }
+ }
+ },
+ "SessionIp": {
+ "description": "First IP address associated with this session",
+ "type": [
+ "string",
+ "null"
+ ]
+ },
+ "SessionResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The ID of the session"
+ },
+ "user_id": {
+ "type": "string",
+ "description": "ID of the user which can be used when interacting with other APIs."
+ },
+ "created_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "updated_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "authenticated_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "idle_expires_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "expires_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "last_interacted_at": {
+ "$ref": "#/components/schemas/SessionDate"
+ },
+ "device": {
+ "$ref": "#/components/schemas/SessionDeviceMetadata"
+ },
+ "clients": {
+ "type": "array",
+ "description": "List of client details for the session",
+ "items": {
+ "$ref": "#/components/schemas/SessionClientMetadata"
+ }
+ },
+ "authentication": {
+ "$ref": "#/components/schemas/SessionAuthenticationSignals"
+ },
+ "cookie": {
+ "$ref": "#/components/schemas/SessionCookieMetadata"
+ }
+ }
+ },
+ "SetCustomSigningKeysRequestContent": {
+ "type": "object",
+ "description": "JWKS representing an array of custom public signing keys.",
+ "additionalProperties": false,
+ "required": [
+ "keys"
+ ],
+ "properties": {
+ "keys": {
+ "type": "array",
+ "description": "An array of custom public signing keys.",
+ "items": {
+ "$ref": "#/components/schemas/CustomSigningKeyJWK"
+ }
+ }
+ }
+ },
+ "SetCustomSigningKeysResponseContent": {
+ "type": "object",
+ "description": "JWKS representing an array of custom public signing keys.",
+ "additionalProperties": false,
+ "properties": {
+ "keys": {
+ "type": "array",
+ "description": "An array of custom public signing keys.",
+ "items": {
+ "$ref": "#/components/schemas/CustomSigningKeyJWK"
+ }
+ }
+ }
+ },
+ "SetEmailTemplateRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "template",
+ "body",
+ "from",
+ "subject",
+ "syntax",
+ "enabled"
+ ],
+ "properties": {
+ "template": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ },
+ "body": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Body of the email template."
+ },
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Senders `from` email address.",
+ "default": "sender@auth0.com"
+ },
+ "resultUrl": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL to redirect the user to after a successful action."
+ },
+ "subject": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Subject line of the email."
+ },
+ "syntax": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Syntax of the template body.",
+ "default": "liquid"
+ },
+ "urlLifetimeInSeconds": {
+ "type": [
+ "number",
+ "null"
+ ],
+ "description": "Lifetime in seconds that the link within the email will be valid for."
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true."
+ },
+ "enabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether the template is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "SetEmailTemplateResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "template",
+ "body",
+ "from",
+ "subject",
+ "syntax",
+ "enabled"
+ ],
+ "properties": {
+ "template": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ },
+ "body": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Body of the email template."
+ },
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Senders `from` email address.",
+ "default": "sender@auth0.com"
+ },
+ "resultUrl": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL to redirect the user to after a successful action."
+ },
+ "subject": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Subject line of the email."
+ },
+ "syntax": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Syntax of the template body.",
+ "default": "liquid"
+ },
+ "urlLifetimeInSeconds": {
+ "type": [
+ "number",
+ "null"
+ ],
+ "description": "Lifetime in seconds that the link within the email will be valid for."
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true."
+ },
+ "enabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether the template is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "SetGuardianFactorDuoSettingsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "ikey": {
+ "type": "string",
+ "maxLength": 10000
+ },
+ "skey": {
+ "type": "string",
+ "maxLength": 10000,
+ "format": "non-empty-string"
+ },
+ "host": {
+ "type": "string",
+ "maxLength": 10000
+ }
+ }
+ },
+ "SetGuardianFactorDuoSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "ikey": {
+ "type": "string",
+ "maxLength": 10000
+ },
+ "skey": {
+ "type": "string",
+ "maxLength": 10000,
+ "format": "non-empty-string"
+ },
+ "host": {
+ "type": "string",
+ "maxLength": 10000
+ }
+ }
+ },
+ "SetGuardianFactorPhoneMessageTypesRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "message_types"
+ ],
+ "properties": {
+ "message_types": {
+ "type": "array",
+ "description": "The list of phone factors to enable on the tenant. Can include `sms` and `voice`.",
+ "items": {
+ "$ref": "#/components/schemas/GuardianFactorPhoneFactorMessageTypeEnum"
+ }
+ }
+ }
+ },
+ "SetGuardianFactorPhoneMessageTypesResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "message_types": {
+ "type": "array",
+ "description": "The list of phone factors to enable on the tenant. Can include `sms` and `voice`.",
+ "items": {
+ "$ref": "#/components/schemas/GuardianFactorPhoneFactorMessageTypeEnum"
+ }
+ }
+ }
+ },
+ "SetGuardianFactorPhoneTemplatesRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "enrollment_message",
+ "verification_message"
+ ],
+ "properties": {
+ "enrollment_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are invited to enroll with a phone number.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment."
+ },
+ "verification_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are prompted to verify their account.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}"
+ }
+ }
+ },
+ "SetGuardianFactorPhoneTemplatesResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "enrollment_message",
+ "verification_message"
+ ],
+ "properties": {
+ "enrollment_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are invited to enroll with a phone number.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment."
+ },
+ "verification_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are prompted to verify their account.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}"
+ }
+ }
+ },
+ "SetGuardianFactorRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "enabled"
+ ],
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether this factor is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "SetGuardianFactorResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "enabled"
+ ],
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether this factor is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "SetGuardianFactorSmsTemplatesRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "enrollment_message",
+ "verification_message"
+ ],
+ "properties": {
+ "enrollment_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are invited to enroll with a phone number.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment."
+ },
+ "verification_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are prompted to verify their account.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}"
+ }
+ }
+ },
+ "SetGuardianFactorSmsTemplatesResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "enrollment_message",
+ "verification_message"
+ ],
+ "properties": {
+ "enrollment_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are invited to enroll with a phone number.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment."
+ },
+ "verification_message": {
+ "type": "string",
+ "description": "Message sent to the user when they are prompted to verify their account.",
+ "default": "{{code}} is your verification code for {{tenant.friendly_name}}"
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPhoneRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "provider"
+ ],
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderSmsProviderEnum"
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPhoneResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderSmsProviderEnum"
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPhoneTwilioRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "From number",
+ "default": "+1223323",
+ "minLength": 0,
+ "maxLength": 64
+ },
+ "messaging_service_sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Copilot SID",
+ "default": "5dEkAiHLPCuQ1uJj4qNXcAnERFAL6cpq",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "auth_token": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio Authentication token",
+ "default": "zw5Ku6z2sxhd0ZVXto5SDHX6KPDByJPU",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio SID",
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPhoneTwilioResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "From number",
+ "default": "+1223323",
+ "minLength": 0,
+ "maxLength": 64
+ },
+ "messaging_service_sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Copilot SID",
+ "default": "5dEkAiHLPCuQ1uJj4qNXcAnERFAL6cpq",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "auth_token": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio Authentication token",
+ "default": "zw5Ku6z2sxhd0ZVXto5SDHX6KPDByJPU",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio SID",
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPushNotificationApnsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "sandbox": {
+ "type": "boolean"
+ },
+ "bundle_id": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "p12": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 10000
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPushNotificationApnsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "sandbox": {
+ "type": "boolean"
+ },
+ "bundle_id": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPushNotificationFcmRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "server_key": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 152
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPushNotificationFcmResponseContent": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "SetGuardianFactorsProviderPushNotificationFcmv1RequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "server_credentials": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 10000
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPushNotificationFcmv1ResponseContent": {
+ "type": "object",
+ "additionalProperties": true
+ },
+ "SetGuardianFactorsProviderPushNotificationRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "provider"
+ ],
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderPushNotificationProviderDataEnum"
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPushNotificationResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderPushNotificationProviderDataEnum"
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPushNotificationSnsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "aws_access_key_id": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_secret_access_key": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "B1ER5JHDGJL3C4sVAKK7SBsq806R3IpL",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_region": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "us-west-1",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_apns_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_gcm_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "urn://yRMeBxgcCXh8MeTXPBAxhQnm6gP6f5nP",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "SetGuardianFactorsProviderPushNotificationSnsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "aws_access_key_id": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_secret_access_key": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "B1ER5JHDGJL3C4sVAKK7SBsq806R3IpL",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_region": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "us-west-1",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_apns_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_gcm_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "urn://yRMeBxgcCXh8MeTXPBAxhQnm6gP6f5nP",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "SetGuardianFactorsProviderSmsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "provider"
+ ],
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderSmsProviderEnum"
+ }
+ }
+ },
+ "SetGuardianFactorsProviderSmsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "provider": {
+ "$ref": "#/components/schemas/GuardianFactorsProviderSmsProviderEnum"
+ }
+ }
+ },
+ "SetGuardianFactorsProviderSmsTwilioRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "From number",
+ "default": "+1223323",
+ "minLength": 0,
+ "maxLength": 64
+ },
+ "messaging_service_sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Copilot SID",
+ "default": "5dEkAiHLPCuQ1uJj4qNXcAnERFAL6cpq",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "auth_token": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio Authentication token",
+ "default": "zw5Ku6z2sxhd0ZVXto5SDHX6KPDByJPU",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio SID",
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "SetGuardianFactorsProviderSmsTwilioResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "From number",
+ "default": "+1223323",
+ "minLength": 0,
+ "maxLength": 64
+ },
+ "messaging_service_sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Copilot SID",
+ "default": "5dEkAiHLPCuQ1uJj4qNXcAnERFAL6cpq",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "auth_token": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio Authentication token",
+ "default": "zw5Ku6z2sxhd0ZVXto5SDHX6KPDByJPU",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sid": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Twilio SID",
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "SetGuardianPoliciesRequestContent": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/MFAPolicyEnum"
+ }
+ },
+ "SetGuardianPoliciesResponseContent": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/MFAPolicyEnum"
+ }
+ },
+ "SetNetworkAclRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "description",
+ "active",
+ "priority",
+ "rule"
+ ],
+ "properties": {
+ "description": {
+ "type": "string",
+ "maxLength": 255
+ },
+ "active": {
+ "type": "boolean",
+ "description": "Indicates whether or not this access control list is actively being used"
+ },
+ "priority": {
+ "type": "number",
+ "description": "Indicates the order in which the ACL will be evaluated relative to other ACL rules."
+ },
+ "rule": {
+ "$ref": "#/components/schemas/NetworkAclRule"
+ }
+ }
+ },
+ "SetNetworkAclsResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "description": {
+ "type": "string"
+ },
+ "active": {
+ "type": "boolean"
+ },
+ "priority": {
+ "type": "number"
+ },
+ "rule": {
+ "$ref": "#/components/schemas/NetworkAclRule"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The timestamp when the Network ACL Configuration was created"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The timestamp when the Network ACL Configuration was last updated"
+ }
+ }
+ },
+ "SetPartialsRequestContent": {
+ "type": "object",
+ "description": "An object containing template partials for a group of screens.",
+ "additionalProperties": true
+ },
+ "SetRulesConfigRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "value"
+ ],
+ "properties": {
+ "value": {
+ "type": "string",
+ "description": "Value for a rules config variable.",
+ "default": "MY_RULES_CONFIG_VALUE"
+ }
+ }
+ },
+ "SetRulesConfigResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "key",
+ "value"
+ ],
+ "properties": {
+ "key": {
+ "type": "string",
+ "description": "Key for a rules config variable.",
+ "default": "MY_RULES_CONFIG_KEY",
+ "minLength": 1,
+ "maxLength": 127
+ },
+ "value": {
+ "type": "string",
+ "description": "Value for a rules config variable.",
+ "default": "MY_RULES_CONFIG_VALUE"
+ }
+ }
+ },
+ "SetSelfServiceProfileCustomTextRequestContent": {
+ "type": "object",
+ "description": "The list of text keys and values to customize the self-service SSO page. Values can be plain text or rich HTML content limited to basic styling tags and hyperlinks.",
+ "additionalProperties": true
+ },
+ "SetSelfServiceProfileCustomTextResponseContent": {
+ "type": "object",
+ "description": "The resulting list of custom text keys and values.",
+ "additionalProperties": true
+ },
+ "SetUserAuthenticationMethodResponseContent": {
+ "type": "object",
+ "description": "The successfully created authentication method.",
+ "additionalProperties": false,
+ "required": [
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The ID of the newly created authentication method (automatically generated by the application)",
+ "format": "authenticator-id"
+ },
+ "type": {
+ "$ref": "#/components/schemas/CreatedAuthenticationMethodTypeEnum"
+ },
+ "name": {
+ "type": "string",
+ "description": "A human-readable label to identify the authentication method."
+ },
+ "totp_secret": {
+ "type": "string",
+ "description": "Base32 encoded secret for TOTP generation"
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Applies to phone authentication methods only. The destination phone number used to send verification codes via text and voice.",
+ "minLength": 2,
+ "maxLength": 30
+ },
+ "email": {
+ "type": "string",
+ "description": "Applies to email authentication methods only. The email address used to send verification messages."
+ },
+ "authentication_methods": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/UserAuthenticationMethodProperties"
+ }
+ },
+ "preferred_authentication_method": {
+ "$ref": "#/components/schemas/PreferredAuthenticationMethodEnum"
+ },
+ "key_id": {
+ "type": "string",
+ "description": "Applies to webauthn authenticators only. The id of the credential."
+ },
+ "public_key": {
+ "type": "string",
+ "description": "Applies to webauthn authenticators only. The public key."
+ },
+ "relying_party_identifier": {
+ "type": "string",
+ "description": "Applies to webauthn authenticators only. The relying party identifier."
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Authentication method creation date",
+ "format": "date-time"
+ }
+ }
+ },
+ "SetUserAuthenticationMethods": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "type"
+ ],
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/AuthenticationTypeEnum"
+ },
+ "preferred_authentication_method": {
+ "$ref": "#/components/schemas/PreferredAuthenticationMethodEnum"
+ },
+ "name": {
+ "type": "string",
+ "description": "AA human-readable label to identify the authentication method.",
+ "minLength": 1,
+ "maxLength": 20
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Applies to phone authentication methods only. The destination phone number used to send verification codes via text and voice.",
+ "minLength": 2,
+ "maxLength": 30
+ },
+ "email": {
+ "type": "string",
+ "description": "Applies to email authentication methods only. The email address used to send verification messages.",
+ "minLength": 1
+ },
+ "totp_secret": {
+ "type": "string",
+ "description": "Applies to totp authentication methods only. The base32 encoded secret for TOTP generation.",
+ "minLength": 1
+ }
+ }
+ },
+ "SetUserAuthenticationMethodsRequestContent": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/SetUserAuthenticationMethods"
+ }
+ },
+ "SetsCustomTextsByLanguageRequestContent": {
+ "type": "object",
+ "description": "An object containing custom dictionaries for a group of screens.",
+ "additionalProperties": true
+ },
+ "SigningAlgorithmEnum": {
+ "type": "string",
+ "description": "Algorithm used to sign JWTs. Can be `HS256` or `RS256`. `PS256` available via addon.",
+ "default": "HS256",
+ "enum": [
+ "HS256",
+ "RS256",
+ "RS512",
+ "PS256"
+ ]
+ },
+ "SigningKeys": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "cert",
+ "kid",
+ "fingerprint",
+ "thumbprint"
+ ],
+ "properties": {
+ "kid": {
+ "type": "string",
+ "description": "The key id of the signing key",
+ "default": "21hi274Rp02112mgkUGma"
+ },
+ "cert": {
+ "type": "string",
+ "description": "The public certificate of the signing key",
+ "default": "-----BEGIN CERTIFICATE-----\r\nMIIDDTCCA...YiA0TQhAt8=\r\n-----END CERTIFICATE-----"
+ },
+ "pkcs7": {
+ "type": "string",
+ "description": "The public certificate of the signing key in pkcs7 format",
+ "default": "-----BEGIN PKCS7-----\r\nMIIDPA....t8xAA==\r\n-----END PKCS7-----"
+ },
+ "current": {
+ "type": "boolean",
+ "description": "True if the key is the the current key",
+ "default": true
+ },
+ "next": {
+ "type": "boolean",
+ "description": "True if the key is the the next key"
+ },
+ "previous": {
+ "type": "boolean",
+ "description": "True if the key is the the previous key"
+ },
+ "current_since": {
+ "$ref": "#/components/schemas/SigningKeysDate"
+ },
+ "current_until": {
+ "$ref": "#/components/schemas/SigningKeysDate"
+ },
+ "fingerprint": {
+ "type": "string",
+ "description": "The cert fingerprint",
+ "default": "CC:FB:DD:D8:9A:B5:DE:1B:F0:CC:36:D2:99:59:21:12:03:DD:A8:25"
+ },
+ "thumbprint": {
+ "type": "string",
+ "description": "The cert thumbprint",
+ "default": "CCFBDDD89AB5DE1BF0CC36D29959211203DDA825"
+ },
+ "revoked": {
+ "type": "boolean",
+ "description": "True if the key is revoked"
+ },
+ "revoked_at": {
+ "$ref": "#/components/schemas/SigningKeysDate"
+ }
+ }
+ },
+ "SigningKeysDate": {
+ "oneOf": [
+ {
+ "type": "string",
+ "description": "The date and time when the key became the current key"
+ },
+ {
+ "type": "object",
+ "description": "The date and time when the key became the current key",
+ "additionalProperties": true
+ }
+ ]
+ },
+ "SignupSchema": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "status": {
+ "$ref": "#/components/schemas/SignupStatusEnum"
+ }
+ }
+ },
+ "SignupStatusEnum": {
+ "type": "string",
+ "enum": [
+ "required",
+ "optional",
+ "inactive"
+ ]
+ },
+ "SignupVerification": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "active": {
+ "type": "boolean"
+ }
+ }
+ },
+ "SignupVerified": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "status": {
+ "$ref": "#/components/schemas/SignupStatusEnum"
+ },
+ "verification": {
+ "$ref": "#/components/schemas/SignupVerification"
+ }
+ }
+ },
+ "SupportedLocales": {
+ "type": "string",
+ "enum": [
+ "am",
+ "ar",
+ "ar-EG",
+ "ar-SA",
+ "az",
+ "bg",
+ "bn",
+ "bs",
+ "ca-ES",
+ "cnr",
+ "cs",
+ "cy",
+ "da",
+ "de",
+ "el",
+ "en",
+ "en-CA",
+ "es",
+ "es-419",
+ "es-AR",
+ "es-MX",
+ "et",
+ "eu-ES",
+ "fa",
+ "fi",
+ "fr",
+ "fr-CA",
+ "fr-FR",
+ "gl-ES",
+ "gu",
+ "he",
+ "hi",
+ "hr",
+ "hu",
+ "hy",
+ "id",
+ "is",
+ "it",
+ "ja",
+ "ka",
+ "kk",
+ "kn",
+ "ko",
+ "lt",
+ "lv",
+ "mk",
+ "ml",
+ "mn",
+ "mr",
+ "ms",
+ "my",
+ "nb",
+ "nl",
+ "nn",
+ "no",
+ "pa",
+ "pl",
+ "pt",
+ "pt-BR",
+ "pt-PT",
+ "ro",
+ "ru",
+ "sk",
+ "sl",
+ "so",
+ "sq",
+ "sr",
+ "sv",
+ "sw",
+ "ta",
+ "te",
+ "th",
+ "tl",
+ "tr",
+ "uk",
+ "ur",
+ "vi",
+ "zgh",
+ "zh-CN",
+ "zh-HK",
+ "zh-TW"
+ ]
+ },
+ "SuspiciousIPThrottlingAllowlist": {
+ "type": "array",
+ "description": "List of trusted IP addresses that will not have attack protection enforced against them.",
+ "items": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingAllowlistItem"
+ }
+ },
+ "SuspiciousIPThrottlingAllowlistItem": {
+ "type": "string",
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "ipv4"
+ },
+ {
+ "type": "string",
+ "format": "cidr"
+ },
+ {
+ "type": "string",
+ "format": "ipv6"
+ },
+ {
+ "type": "string",
+ "format": "ipv6_cidr"
+ }
+ ]
+ },
+ "SuspiciousIPThrottlingPreLoginStage": {
+ "type": "object",
+ "description": "Configuration options that apply before every login attempt.",
+ "additionalProperties": false,
+ "properties": {
+ "max_attempts": {
+ "type": "integer",
+ "description": "Total number of attempts allowed per day.",
+ "default": 100
+ },
+ "rate": {
+ "type": "integer",
+ "description": "Interval of time, given in milliseconds, at which new attempts are granted.",
+ "default": 864000
+ }
+ }
+ },
+ "SuspiciousIPThrottlingPreUserRegistrationStage": {
+ "type": "object",
+ "description": "Configuration options that apply before every user registration attempt.",
+ "additionalProperties": false,
+ "properties": {
+ "max_attempts": {
+ "type": "integer",
+ "description": "Total number of attempts allowed.",
+ "default": 50
+ },
+ "rate": {
+ "type": "integer",
+ "description": "Interval of time, given in milliseconds, at which new attempts are granted.",
+ "default": 1728000
+ }
+ }
+ },
+ "SuspiciousIPThrottlingShieldsEnum": {
+ "type": "string",
+ "enum": [
+ "block",
+ "admin_notification"
+ ]
+ },
+ "SuspiciousIPThrottlingStage": {
+ "type": "object",
+ "description": "Holds per-stage configuration options (max_attempts and rate).",
+ "additionalProperties": false,
+ "properties": {
+ "pre-login": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingPreLoginStage"
+ },
+ "pre-user-registration": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingPreUserRegistrationStage"
+ }
+ }
+ },
+ "TenantOIDCLogoutSettings": {
+ "type": "object",
+ "description": "Settings related to OIDC RP-initiated Logout",
+ "additionalProperties": false,
+ "properties": {
+ "rp_logout_end_session_endpoint_discovery": {
+ "type": "boolean",
+ "description": "Enable the end_session_endpoint URL in the .well-known discovery configuration",
+ "default": true
+ }
+ }
+ },
+ "TenantSettingsDeviceFlow": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Device Flow configuration",
+ "additionalProperties": false,
+ "properties": {
+ "charset": {
+ "$ref": "#/components/schemas/TenantSettingsDeviceFlowCharset"
+ },
+ "mask": {
+ "type": "string",
+ "description": "Mask used to format a generated User Code into a friendly, readable format.",
+ "default": "****-****",
+ "maxLength": 20
+ }
+ }
+ },
+ "TenantSettingsDeviceFlowCharset": {
+ "type": "string",
+ "description": "Character set used to generate a User Code. Can be `base20` or `digits`.",
+ "default": "base20",
+ "enum": [
+ "base20",
+ "digits"
+ ]
+ },
+ "TenantSettingsErrorPage": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Error page customization.",
+ "additionalProperties": false,
+ "properties": {
+ "html": {
+ "type": "string",
+ "description": "Custom Error HTML (Liquid syntax is supported).",
+ "default": ""
+ },
+ "show_log_link": {
+ "type": "boolean",
+ "description": "Whether to show the link to log as part of the default error page (true, default) or not to show the link (false).",
+ "default": false
+ },
+ "url": {
+ "type": "string",
+ "description": "URL to redirect to when an error occurs instead of showing the default error page.",
+ "default": "https://mycompany.org/error",
+ "format": "absolute-uri-or-empty"
+ }
+ }
+ },
+ "TenantSettingsFlags": {
+ "type": "object",
+ "description": "Flags used to change the behavior of this tenant.",
+ "additionalProperties": false,
+ "properties": {
+ "change_pwd_flow_v1": {
+ "type": "boolean",
+ "description": "Whether to use the older v1 change password flow (true, not recommended except for backward compatibility) or the newer safer flow (false, recommended).",
+ "default": false
+ },
+ "enable_apis_section": {
+ "type": "boolean",
+ "description": "Whether the APIs section is enabled (true) or disabled (false).",
+ "default": false
+ },
+ "disable_impersonation": {
+ "type": "boolean",
+ "description": "Whether the impersonation functionality has been disabled (true) or not (false). Read-only.",
+ "default": false
+ },
+ "enable_client_connections": {
+ "type": "boolean",
+ "description": "Whether all current connections should be enabled when a new client (application) is created (true, default) or not (false).",
+ "default": true
+ },
+ "enable_pipeline2": {
+ "type": "boolean",
+ "description": "Whether advanced API Authorization scenarios are enabled (true) or disabled (false).",
+ "default": true
+ },
+ "allow_legacy_delegation_grant_types": {
+ "type": "boolean",
+ "description": "If enabled, clients are able to add legacy delegation grants."
+ },
+ "allow_legacy_ro_grant_types": {
+ "type": "boolean",
+ "description": "If enabled, clients are able to add legacy RO grants."
+ },
+ "allow_legacy_tokeninfo_endpoint": {
+ "type": "boolean",
+ "description": "Whether the legacy `/tokeninfo` endpoint is enabled for your account (true) or unavailable (false)."
+ },
+ "enable_legacy_profile": {
+ "type": "boolean",
+ "description": "Whether ID tokens and the userinfo endpoint includes a complete user profile (true) or only OpenID Connect claims (false)."
+ },
+ "enable_idtoken_api2": {
+ "type": "boolean",
+ "description": "Whether ID tokens can be used to authorize some types of requests to API v2 (true) not not (false)."
+ },
+ "enable_public_signup_user_exists_error": {
+ "type": "boolean",
+ "description": "Whether the public sign up process shows a user_exists error (true) or a generic error (false) if the user already exists."
+ },
+ "enable_sso": {
+ "type": "boolean",
+ "description": "Whether users are prompted to confirm log in before SSO redirection (false) or are not prompted (true)."
+ },
+ "allow_changing_enable_sso": {
+ "type": "boolean",
+ "description": "Whether the `enable_sso` setting can be changed (true) or not (false)."
+ },
+ "disable_clickjack_protection_headers": {
+ "type": "boolean",
+ "description": "Whether classic Universal Login prompts include additional security headers to prevent clickjacking (true) or no safeguard (false)."
+ },
+ "no_disclose_enterprise_connections": {
+ "type": "boolean",
+ "description": "Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file."
+ },
+ "enforce_client_authentication_on_passwordless_start": {
+ "type": "boolean",
+ "description": "Enforce client authentication for passwordless start."
+ },
+ "enable_adfs_waad_email_verification": {
+ "type": "boolean",
+ "description": "Enables the email verification flow during login for Azure AD and ADFS connections"
+ },
+ "revoke_refresh_token_grant": {
+ "type": "boolean",
+ "description": "Delete underlying grant when a Refresh Token is revoked via the Authentication API."
+ },
+ "dashboard_log_streams_next": {
+ "type": "boolean",
+ "description": "Enables beta access to log streaming changes"
+ },
+ "dashboard_insights_view": {
+ "type": "boolean",
+ "description": "Enables new insights activity page view"
+ },
+ "disable_fields_map_fix": {
+ "type": "boolean",
+ "description": "Disables SAML fields map fix for bad mappings with repeated attributes"
+ },
+ "mfa_show_factor_list_on_enrollment": {
+ "type": "boolean",
+ "description": "Used to allow users to pick what factor to enroll of the available MFA factors."
+ },
+ "remove_alg_from_jwks": {
+ "type": "boolean",
+ "description": "Removes alg property from jwks .well-known endpoint"
+ },
+ "improved_signup_bot_detection_in_classic": {
+ "type": "boolean",
+ "description": "Improves bot detection during signup in classic universal login"
+ },
+ "genai_trial": {
+ "type": "boolean",
+ "description": "This tenant signed up for the Auth4GenAI trail"
+ },
+ "enable_dynamic_client_registration": {
+ "type": "boolean",
+ "description": "Whether third-party developers can dynamically register applications for your APIs (true) or not (false). This flag enables dynamic client registration.",
+ "default": false
+ },
+ "disable_management_api_sms_obfuscation": {
+ "type": "boolean",
+ "description": "If true, SMS phone numbers will not be obfuscated in Management API GET calls.",
+ "default": true
+ },
+ "trust_azure_adfs_email_verified_connection_property": {
+ "type": "boolean",
+ "description": "Changes email_verified behavior for Azure AD/ADFS connections when enabled. Sets email_verified to false otherwise.",
+ "default": false
+ },
+ "custom_domains_provisioning": {
+ "type": "boolean",
+ "description": "If true, custom domains feature will be enabled for tenant.",
+ "default": false
+ }
+ }
+ },
+ "TenantSettingsGuardianPage": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Guardian page customization.",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether to use the custom Guardian HTML (true) or the default Auth0 page (false, default)",
+ "default": false
+ },
+ "html": {
+ "type": "string",
+ "description": " Custom Guardian HTML (Liquid syntax is supported).",
+ "default": ""
+ }
+ }
+ },
+ "TenantSettingsMTLS": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "mTLS configuration.",
+ "additionalProperties": false,
+ "properties": {
+ "enable_endpoint_aliases": {
+ "type": "boolean",
+ "description": "If true, enables mTLS endpoint aliases",
+ "default": false
+ }
+ }
+ },
+ "TenantSettingsPasswordPage": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Change Password page customization.",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether to use the custom change password HTML (true) or the default Auth0 page (false). Default is to use the Auth0 page.",
+ "default": false
+ },
+ "html": {
+ "type": "string",
+ "description": "Custom change password HTML (Liquid syntax supported).",
+ "default": ""
+ }
+ }
+ },
+ "TenantSettingsSessions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Sessions related settings for tenant",
+ "additionalProperties": false,
+ "properties": {
+ "oidc_logout_prompt_enabled": {
+ "type": "boolean",
+ "description": "Whether to bypass prompting logic (false) when performing OIDC Logout",
+ "default": true
+ }
+ }
+ },
+ "TestActionPayload": {
+ "type": "object",
+ "description": "The payload for the action.",
+ "additionalProperties": true
+ },
+ "TestActionRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "payload"
+ ],
+ "properties": {
+ "payload": {
+ "$ref": "#/components/schemas/TestActionPayload"
+ }
+ }
+ },
+ "TestActionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "payload": {
+ "$ref": "#/components/schemas/TestActionResultPayload"
+ }
+ }
+ },
+ "TestActionResultPayload": {
+ "type": "object",
+ "description": "The resulting payload after an action was executed.",
+ "additionalProperties": true
+ },
+ "TestCustomDomainResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "success"
+ ],
+ "properties": {
+ "success": {
+ "type": "boolean",
+ "description": "Result of the operation."
+ },
+ "message": {
+ "type": "string",
+ "description": "Message describing the operation status."
+ }
+ }
+ },
+ "TestEventDataContent": {
+ "type": "object",
+ "description": "The raw payload of the test event.",
+ "additionalProperties": true
+ },
+ "TokenExchangeProfileResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique ID of the token exchange profile.",
+ "format": "token-exchange-profile-id"
+ },
+ "name": {
+ "type": "string",
+ "description": "Friendly name of this profile.",
+ "default": "Token Exchange Profile 1",
+ "minLength": 3,
+ "maxLength": 50
+ },
+ "subject_token_type": {
+ "type": "string",
+ "description": "Subject token type for this profile. When receiving a token exchange request on the Authentication API, the corresponding token exchange profile with a matching subject_token_type will be executed. This must be a URI.",
+ "minLength": 8,
+ "maxLength": 100,
+ "format": "url"
+ },
+ "action_id": {
+ "type": "string",
+ "description": "The ID of the Custom Token Exchange action to execute for this profile, in order to validate the subject_token. The action must use the custom-token-exchange trigger.",
+ "minLength": 1,
+ "maxLength": 36
+ },
+ "type": {
+ "$ref": "#/components/schemas/TokenExchangeProfileTypeEnum"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this profile was created.",
+ "default": "2024-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when this profile was updated.",
+ "default": "2024-01-01T00:00:00.000Z",
+ "format": "date-time"
+ }
+ }
+ },
+ "TokenExchangeProfileTypeEnum": {
+ "type": "string",
+ "description": "The type of the profile, which controls how the profile will be executed when receiving a token exchange request.",
+ "minLength": 1,
+ "maxLength": 21,
+ "enum": [
+ "custom_authentication"
+ ]
+ },
+ "TokenQuota": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "client_credentials"
+ ],
+ "x-release-lifecycle": "EA",
+ "properties": {
+ "client_credentials": {
+ "$ref": "#/components/schemas/TokenQuotaClientCredentials"
+ }
+ }
+ },
+ "TokenQuotaClientCredentials": {
+ "type": "object",
+ "description": "The token quota configuration",
+ "additionalProperties": false,
+ "properties": {
+ "enforce": {
+ "type": "boolean",
+ "description": "If enabled, the quota will be enforced and requests in excess of the quota will fail. If disabled, the quota will not be enforced, but notifications for requests exceeding the quota will be available in logs."
+ },
+ "per_day": {
+ "type": "integer",
+ "description": "Maximum number of issued tokens per day"
+ },
+ "per_hour": {
+ "type": "integer",
+ "description": "Maximum number of issued tokens per hour"
+ }
+ }
+ },
+ "TokenQuotaConfiguration": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "client_credentials"
+ ],
+ "properties": {
+ "client_credentials": {
+ "$ref": "#/components/schemas/TokenQuotaClientCredentials"
+ }
+ }
+ },
+ "TwilioProviderConfiguration": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "sid",
+ "delivery_methods"
+ ],
+ "properties": {
+ "default_from": {
+ "type": "string"
+ },
+ "mssid": {
+ "type": "string"
+ },
+ "sid": {
+ "type": "string"
+ },
+ "delivery_methods": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/TwilioProviderDeliveryMethodEnum"
+ }
+ }
+ }
+ },
+ "TwilioProviderCredentials": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "auth_token"
+ ],
+ "properties": {
+ "auth_token": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ }
+ }
+ },
+ "TwilioProviderDeliveryMethodEnum": {
+ "type": "string",
+ "enum": [
+ "text",
+ "voice"
+ ]
+ },
+ "UniversalLoginExperienceEnum": {
+ "type": "string",
+ "description": "Which login experience to use. Can be `new` or `classic`.",
+ "enum": [
+ "new",
+ "classic"
+ ]
+ },
+ "UpdateActionBindingItem": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/ActionBindingWithRef"
+ }
+ ]
+ },
+ "UpdateActionBindingsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "bindings": {
+ "type": "array",
+ "description": "The actions that will be bound to this trigger. The order in which they are included will be the order in which they are executed.",
+ "items": {
+ "$ref": "#/components/schemas/UpdateActionBindingItem"
+ }
+ }
+ }
+ },
+ "UpdateActionBindingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "bindings": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/ActionBinding"
+ }
+ }
+ }
+ },
+ "UpdateActionRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of an action.",
+ "default": "my-action"
+ },
+ "supported_triggers": {
+ "type": "array",
+ "description": "The list of triggers that this action supports. At this time, an action can only target a single trigger at a time.",
+ "items": {
+ "$ref": "#/components/schemas/ActionTrigger"
+ }
+ },
+ "code": {
+ "type": "string",
+ "description": "The source code of the action.",
+ "default": "module.exports = () => {}"
+ },
+ "dependencies": {
+ "type": "array",
+ "description": "The list of third party npm modules, and their versions, that this action depends on.",
+ "items": {
+ "$ref": "#/components/schemas/ActionVersionDependency"
+ }
+ },
+ "runtime": {
+ "type": "string",
+ "description": "The Node runtime. For example: `node22`, defaults to `node22`",
+ "default": "node22"
+ },
+ "secrets": {
+ "type": "array",
+ "description": "The list of secrets that are included in an action or a version of an action.",
+ "items": {
+ "$ref": "#/components/schemas/ActionSecretRequest"
+ }
+ }
+ }
+ },
+ "UpdateActionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique ID of the action.",
+ "default": "910b1053-577f-4d81-a8c8-020e7319a38a"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of an action.",
+ "default": "my-action"
+ },
+ "supported_triggers": {
+ "type": "array",
+ "description": "The list of triggers that this action supports. At this time, an action can only target a single trigger at a time.",
+ "items": {
+ "$ref": "#/components/schemas/ActionTrigger"
+ }
+ },
+ "all_changes_deployed": {
+ "type": "boolean",
+ "description": "True if all of an Action's contents have been deployed.",
+ "default": false
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this action was created.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when this action was updated.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "code": {
+ "type": "string",
+ "description": "The source code of the action.",
+ "default": "module.exports = () => {}"
+ },
+ "dependencies": {
+ "type": "array",
+ "description": "The list of third party npm modules, and their versions, that this action depends on.",
+ "items": {
+ "$ref": "#/components/schemas/ActionVersionDependency"
+ }
+ },
+ "runtime": {
+ "type": "string",
+ "description": "The Node runtime. For example: `node22`, defaults to `node22`",
+ "default": "node22"
+ },
+ "secrets": {
+ "type": "array",
+ "description": "The list of secrets that are included in an action or a version of an action.",
+ "items": {
+ "$ref": "#/components/schemas/ActionSecretResponse"
+ }
+ },
+ "deployed_version": {
+ "$ref": "#/components/schemas/ActionDeployedVersion"
+ },
+ "installed_integration_id": {
+ "type": "string",
+ "description": "installed_integration_id is the fk reference to the InstalledIntegration entity.",
+ "default": "7d2bc0c9-c0c2-433a-9f4e-86ef80270aad"
+ },
+ "integration": {
+ "$ref": "#/components/schemas/Integration"
+ },
+ "status": {
+ "$ref": "#/components/schemas/ActionBuildStatusEnum"
+ },
+ "built_at": {
+ "type": "string",
+ "description": "The time when this action was built successfully.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "deploy": {
+ "type": "boolean",
+ "description": "True if the action should be deployed after creation.",
+ "default": false
+ }
+ }
+ },
+ "UpdateAculRequestContent": {
+ "type": "object",
+ "description": "Render settings for the given screen",
+ "additionalProperties": false,
+ "properties": {
+ "rendering_mode": {
+ "$ref": "#/components/schemas/AculRenderingModeEnum"
+ },
+ "context_configuration": {
+ "type": "array",
+ "description": "Context values to make available",
+ "items": {
+ "type": "string"
+ }
+ },
+ "default_head_tags_disabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Override Universal Login default head tags",
+ "default": false
+ },
+ "head_tags": {
+ "type": "array",
+ "description": "An array of head tags",
+ "items": {
+ "$ref": "#/components/schemas/AculHeadTag"
+ }
+ },
+ "filters": {
+ "$ref": "#/components/schemas/AculFilters"
+ },
+ "use_page_template": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Use page template with ACUL",
+ "default": false
+ }
+ }
+ },
+ "UpdateAculResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "rendering_mode": {
+ "$ref": "#/components/schemas/AculRenderingModeEnum"
+ },
+ "context_configuration": {
+ "type": "array",
+ "description": "Context values to make available",
+ "items": {
+ "type": "string"
+ }
+ },
+ "default_head_tags_disabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Override Universal Login default head tags"
+ },
+ "head_tags": {
+ "type": "array",
+ "description": "An array of head tags",
+ "items": {
+ "$ref": "#/components/schemas/AculHeadTag"
+ }
+ },
+ "filters": {
+ "$ref": "#/components/schemas/AculFilters"
+ },
+ "use_page_template": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Use page template with ACUL"
+ }
+ }
+ },
+ "UpdateBrandingColors": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Custom color settings.",
+ "additionalProperties": false,
+ "properties": {
+ "primary": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Accent color.",
+ "format": "html-color-or-null"
+ },
+ "page_background": {
+ "$ref": "#/components/schemas/UpdateBrandingPageBackground"
+ }
+ }
+ },
+ "UpdateBrandingFont": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "Custom font settings.",
+ "additionalProperties": false,
+ "properties": {
+ "url": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL for the custom font. The URL must point to a font file and not a stylesheet. Must use HTTPS.",
+ "format": "strict-https-uri-or-null"
+ }
+ }
+ },
+ "UpdateBrandingPageBackground": {
+ "description": "Page Background Color or Gradient.\nProperty contains either null to unset, a solid color as a string value #FFFFFF, or a gradient as an object.\n\n\n{\n type: 'linear-gradient',\n start: '#FFFFFF',\n end: '#000000',\n angle_deg: 35\n}\nblock, user_notification, admin_notification.",
+ "items": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionShieldsEnum"
+ }
+ },
+ "admin_notification_frequency": {
+ "type": "array",
+ "description": "When \"admin_notification\" is enabled, determines how often email notifications are sent.\n Possible values: immediately, daily, weekly, monthly.",
+ "items": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionAdminNotificationFrequencyEnum"
+ }
+ },
+ "method": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionMethodEnum"
+ },
+ "stage": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionStage"
+ }
+ }
+ },
+ "UpdateBreachedPasswordDetectionSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether or not breached password detection is active.",
+ "default": true
+ },
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a breached password is detected during a login.\n Possible values: block, user_notification, admin_notification.",
+ "items": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionShieldsEnum"
+ }
+ },
+ "admin_notification_frequency": {
+ "type": "array",
+ "description": "When \"admin_notification\" is enabled, determines how often email notifications are sent.\n Possible values: immediately, daily, weekly, monthly.",
+ "items": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionAdminNotificationFrequencyEnum"
+ }
+ },
+ "method": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionMethodEnum"
+ },
+ "stage": {
+ "$ref": "#/components/schemas/BreachedPasswordDetectionStage"
+ }
+ }
+ },
+ "UpdateBruteForceSettingsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether or not brute force attack protections are active."
+ },
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a brute force protection threshold is violated.\n Possible values: block, user_notification.",
+ "items": {
+ "type": "string",
+ "enum": [
+ "block",
+ "user_notification"
+ ]
+ }
+ },
+ "allowlist": {
+ "type": "array",
+ "description": "List of trusted IP addresses that will not have attack protection enforced against them.",
+ "items": {
+ "type": "string",
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "ipv4"
+ },
+ {
+ "type": "string",
+ "format": "cidr"
+ },
+ {
+ "type": "string",
+ "format": "ipv6"
+ },
+ {
+ "type": "string",
+ "format": "ipv6_cidr"
+ }
+ ]
+ }
+ },
+ "mode": {
+ "type": "string",
+ "description": "Account Lockout: Determines whether or not IP address is used when counting failed attempts.\n Possible values: count_per_identifier_and_ip, count_per_identifier.",
+ "default": "count_per_identifier_and_ip",
+ "enum": [
+ "count_per_identifier_and_ip",
+ "count_per_identifier"
+ ]
+ },
+ "max_attempts": {
+ "type": "integer",
+ "description": "Maximum number of unsuccessful attempts.",
+ "default": 10
+ }
+ }
+ },
+ "UpdateBruteForceSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether or not brute force attack protections are active."
+ },
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a brute force protection threshold is violated.\n Possible values: block, user_notification.",
+ "items": {
+ "type": "string",
+ "enum": [
+ "block",
+ "user_notification"
+ ]
+ }
+ },
+ "allowlist": {
+ "type": "array",
+ "description": "List of trusted IP addresses that will not have attack protection enforced against them.",
+ "items": {
+ "type": "string",
+ "anyOf": [
+ {
+ "type": "string",
+ "format": "ipv4"
+ },
+ {
+ "type": "string",
+ "format": "cidr"
+ },
+ {
+ "type": "string",
+ "format": "ipv6"
+ },
+ {
+ "type": "string",
+ "format": "ipv6_cidr"
+ }
+ ]
+ }
+ },
+ "mode": {
+ "type": "string",
+ "description": "Account Lockout: Determines whether or not IP address is used when counting failed attempts.\n Possible values: count_per_identifier_and_ip, count_per_identifier.",
+ "default": "count_per_identifier_and_ip",
+ "enum": [
+ "count_per_identifier_and_ip",
+ "count_per_identifier"
+ ]
+ },
+ "max_attempts": {
+ "type": "integer",
+ "description": "Maximum number of unsuccessful attempts.",
+ "default": 10
+ }
+ }
+ },
+ "UpdateClientGrantRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "scope": {
+ "type": "array",
+ "description": "Scopes allowed for this client grant.",
+ "items": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 280
+ }
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientGrantOrganizationNullableUsageEnum"
+ },
+ "allow_any_organization": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Controls allowing any organization to be used with this grant"
+ },
+ "authorization_details_types": {
+ "type": "array",
+ "description": "Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta’s Master Subscription Agreement.",
+ "x-release-lifecycle": "EA",
+ "items": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ }
+ }
+ }
+ },
+ "UpdateClientGrantResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of the client grant."
+ },
+ "client_id": {
+ "type": "string",
+ "description": "ID of the client."
+ },
+ "audience": {
+ "type": "string",
+ "description": "The audience (API identifier) of this client grant.",
+ "minLength": 1
+ },
+ "scope": {
+ "type": "array",
+ "description": "Scopes allowed for this client grant.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientGrantOrganizationUsageEnum"
+ },
+ "allow_any_organization": {
+ "type": "boolean",
+ "description": "If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations."
+ },
+ "is_system": {
+ "type": "boolean",
+ "description": "If enabled, this grant is a special grant created by Auth0. It cannot be modified or deleted directly."
+ },
+ "subject_type": {
+ "$ref": "#/components/schemas/ClientGrantSubjectTypeEnum"
+ },
+ "authorization_details_types": {
+ "type": "array",
+ "description": "Types of authorization_details allowed for this client grant. Use of this field is subject to the applicable Free Trial terms in Okta’s Master Subscription Agreement.",
+ "x-release-lifecycle": "EA",
+ "items": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ }
+ }
+ }
+ },
+ "UpdateClientRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the client. Must contain at least one character. Does not allow '<' or '>'."
+ },
+ "description": {
+ "type": "string",
+ "description": "Free text description of the purpose of the Client. (Max character length: 140)",
+ "maxLength": 140
+ },
+ "client_secret": {
+ "type": "string",
+ "description": "The secret used to sign tokens for the client",
+ "minLength": 1
+ },
+ "logo_uri": {
+ "type": "string",
+ "description": "The URL of the client logo (recommended size: 150x150)",
+ "format": "absolute-uri-or-empty"
+ },
+ "callbacks": {
+ "type": "array",
+ "description": "A set of URLs that are valid to call back from Auth0 when authenticating users",
+ "items": {
+ "type": "string",
+ "format": "callback-url"
+ }
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSettings"
+ },
+ "oidc_backchannel_logout": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSettings"
+ },
+ "session_transfer": {
+ "$ref": "#/components/schemas/ClientSessionTransferConfiguration"
+ },
+ "allowed_origins": {
+ "type": "array",
+ "description": "A set of URLs that represents valid origins for CORS",
+ "items": {
+ "type": "string",
+ "format": "url-with-placeholders"
+ }
+ },
+ "web_origins": {
+ "type": "array",
+ "description": "A set of URLs that represents valid web origins for use with web message response mode",
+ "items": {
+ "type": "string",
+ "format": "url-with-placeholders"
+ }
+ },
+ "grant_types": {
+ "type": "array",
+ "description": "A set of grant types that the client is authorized to use. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "client_aliases": {
+ "type": "array",
+ "description": "List of audiences for SAML protocol",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "allowed_clients": {
+ "type": "array",
+ "description": "Ids of clients that will be allowed to perform delegation requests. Clients that will be allowed to make delegation request. By default, all your clients will be allowed. This field allows you to specify specific clients",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "URLs that are valid to redirect to after logout from Auth0.",
+ "items": {
+ "type": "string",
+ "format": "url-with-placeholders"
+ }
+ },
+ "jwt_configuration": {
+ "$ref": "#/components/schemas/ClientJwtConfiguration"
+ },
+ "encryption_key": {
+ "$ref": "#/components/schemas/ClientEncryptionKey"
+ },
+ "sso": {
+ "type": "boolean",
+ "description": "true to use Auth0 instead of the IdP to do Single Sign On, false otherwise (default: false)"
+ },
+ "cross_origin_authentication": {
+ "type": "boolean",
+ "description": "true if this client can be used to make cross-origin authentication requests, false otherwise if cross origin is disabled"
+ },
+ "cross_origin_loc": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL for the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page.",
+ "format": "url-or-null"
+ },
+ "sso_disabled": {
+ "type": "boolean",
+ "description": "true to disable Single Sign On, false otherwise (default: false)"
+ },
+ "custom_login_page_on": {
+ "type": "boolean",
+ "description": "true if the custom login page is to be used, false otherwise."
+ },
+ "token_endpoint_auth_method": {
+ "$ref": "#/components/schemas/ClientTokenEndpointAuthMethodOrNullEnum"
+ },
+ "app_type": {
+ "$ref": "#/components/schemas/ClientAppTypeEnum"
+ },
+ "is_first_party": {
+ "type": "boolean",
+ "description": "Whether this client a first party client or not",
+ "default": true
+ },
+ "oidc_conformant": {
+ "type": "boolean",
+ "description": "Whether this client will conform to strict OIDC specifications",
+ "default": false
+ },
+ "custom_login_page": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page"
+ },
+ "custom_login_page_preview": {
+ "type": "string"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/UpdateTokenQuota"
+ },
+ "form_template": {
+ "type": "string",
+ "description": "Form template for WS-Federation protocol"
+ },
+ "addons": {
+ "$ref": "#/components/schemas/ClientAddons"
+ },
+ "client_metadata": {
+ "$ref": "#/components/schemas/ClientMetadata"
+ },
+ "mobile": {
+ "$ref": "#/components/schemas/ClientMobile"
+ },
+ "initiate_login_uri": {
+ "type": "string",
+ "description": "Initiate login uri, must be https",
+ "format": "absolute-https-uri-or-empty"
+ },
+ "native_social_login": {
+ "$ref": "#/components/schemas/NativeSocialLogin"
+ },
+ "refresh_token": {
+ "$ref": "#/components/schemas/ClientRefreshTokenConfiguration"
+ },
+ "default_organization": {
+ "$ref": "#/components/schemas/ClientDefaultOrganization"
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientOrganizationUsagePatchEnum"
+ },
+ "organization_require_behavior": {
+ "$ref": "#/components/schemas/ClientOrganizationRequireBehaviorPatchEnum"
+ },
+ "client_authentication_methods": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethod"
+ },
+ "require_pushed_authorization_requests": {
+ "type": "boolean",
+ "description": "Makes the use of Pushed Authorization Requests mandatory for this client",
+ "default": false
+ },
+ "require_proof_of_possession": {
+ "type": "boolean",
+ "description": "Makes the use of Proof-of-Possession mandatory for this client",
+ "default": false
+ },
+ "signed_request_object": {
+ "$ref": "#/components/schemas/ClientSignedRequestObjectWithCredentialId"
+ },
+ "compliance_level": {
+ "$ref": "#/components/schemas/ClientComplianceLevelEnum"
+ },
+ "par_request_expiry": {
+ "type": [
+ "integer",
+ "null"
+ ],
+ "description": "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
+ }
+ }
+ },
+ "UpdateClientResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "client_id": {
+ "type": "string",
+ "description": "ID of this client.",
+ "default": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"
+ },
+ "tenant": {
+ "type": "string",
+ "description": "Name of the tenant this client belongs to.",
+ "default": ""
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this client (min length: 1 character, does not allow `<` or `>`).",
+ "default": "My application"
+ },
+ "description": {
+ "type": "string",
+ "description": "Free text description of this client (max length: 140 characters).",
+ "default": ""
+ },
+ "global": {
+ "type": "boolean",
+ "description": "Whether this is your global 'All Applications' client representing legacy tenant settings (true) or a regular client (false).",
+ "default": false
+ },
+ "client_secret": {
+ "type": "string",
+ "description": "Client secret (which you must not make public).",
+ "default": "MG_TNT2ver-SylNat-_VeMmd-4m0Waba0jr1troztBniSChEw0glxEmgEi2Kw40H"
+ },
+ "app_type": {
+ "$ref": "#/components/schemas/ClientAppTypeEnum"
+ },
+ "logo_uri": {
+ "type": "string",
+ "description": "URL of the logo to display for this client. Recommended size is 150x150 pixels."
+ },
+ "is_first_party": {
+ "type": "boolean",
+ "description": "Whether this client a first party client (true) or not (false).",
+ "default": false
+ },
+ "oidc_conformant": {
+ "type": "boolean",
+ "description": "Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false).",
+ "default": false
+ },
+ "callbacks": {
+ "type": "array",
+ "description": "Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_origins": {
+ "type": "array",
+ "description": "Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "web_origins": {
+ "type": "array",
+ "description": "Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "client_aliases": {
+ "type": "array",
+ "description": "List of audiences/realms for SAML protocol. Used by the wsfed addon.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_clients": {
+ "type": "array",
+ "description": "List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "session_transfer": {
+ "$ref": "#/components/schemas/ClientSessionTransferConfiguration"
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/ClientOIDCBackchannelLogoutSettings"
+ },
+ "grant_types": {
+ "type": "array",
+ "description": "List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, and `urn:ietf:params:oauth:grant-type:device_code`.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "jwt_configuration": {
+ "$ref": "#/components/schemas/ClientJwtConfiguration"
+ },
+ "signing_keys": {
+ "$ref": "#/components/schemas/ClientSigningKeys"
+ },
+ "encryption_key": {
+ "$ref": "#/components/schemas/ClientEncryptionKey"
+ },
+ "sso": {
+ "type": "boolean",
+ "description": "Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false).",
+ "default": false
+ },
+ "sso_disabled": {
+ "type": "boolean",
+ "description": "Whether Single Sign On is disabled (true) or enabled (true). Defaults to true.",
+ "default": false
+ },
+ "cross_origin_authentication": {
+ "type": "boolean",
+ "description": "Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false)."
+ },
+ "cross_origin_loc": {
+ "type": "string",
+ "description": "URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page.",
+ "format": "url"
+ },
+ "custom_login_page_on": {
+ "type": "boolean",
+ "description": "Whether a custom login page is to be used (true) or the default provided login page (false).",
+ "default": true
+ },
+ "custom_login_page": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page.",
+ "default": ""
+ },
+ "custom_login_page_preview": {
+ "type": "string",
+ "description": "The content (HTML, CSS, JS) of the custom login page. (Used on Previews)",
+ "default": ""
+ },
+ "form_template": {
+ "type": "string",
+ "description": "HTML form template to be used for WS-Federation.",
+ "default": ""
+ },
+ "addons": {
+ "$ref": "#/components/schemas/ClientAddons"
+ },
+ "token_endpoint_auth_method": {
+ "$ref": "#/components/schemas/ClientTokenEndpointAuthMethodEnum"
+ },
+ "client_metadata": {
+ "$ref": "#/components/schemas/ClientMetadata"
+ },
+ "mobile": {
+ "$ref": "#/components/schemas/ClientMobile"
+ },
+ "initiate_login_uri": {
+ "type": "string",
+ "description": "Initiate login uri, must be https",
+ "format": "absolute-https-uri-or-empty"
+ },
+ "native_social_login": {},
+ "refresh_token": {
+ "$ref": "#/components/schemas/ClientRefreshTokenConfiguration"
+ },
+ "default_organization": {
+ "$ref": "#/components/schemas/ClientDefaultOrganization"
+ },
+ "organization_usage": {
+ "$ref": "#/components/schemas/ClientOrganizationUsageEnum"
+ },
+ "organization_require_behavior": {
+ "$ref": "#/components/schemas/ClientOrganizationRequireBehaviorEnum"
+ },
+ "client_authentication_methods": {
+ "$ref": "#/components/schemas/ClientAuthenticationMethod"
+ },
+ "require_pushed_authorization_requests": {
+ "type": "boolean",
+ "description": "Makes the use of Pushed Authorization Requests mandatory for this client",
+ "default": false
+ },
+ "require_proof_of_possession": {
+ "type": "boolean",
+ "description": "Makes the use of Proof-of-Possession mandatory for this client",
+ "default": false
+ },
+ "signed_request_object": {
+ "$ref": "#/components/schemas/ClientSignedRequestObjectWithCredentialId"
+ },
+ "compliance_level": {
+ "$ref": "#/components/schemas/ClientComplianceLevelEnum"
+ },
+ "par_request_expiry": {
+ "type": [
+ "integer",
+ "null"
+ ],
+ "description": "Specifies how long, in seconds, a Pushed Authorization Request URI remains valid"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/TokenQuota"
+ }
+ }
+ },
+ "UpdateConnectionOptions": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "description": "The connection's options (depend on the connection strategy). To update these options, the `update:connections_options` scope must be present. To verify your changes, also include the `read:connections_options` scope. If this scope is not specified, you will not be able to review the updated object.",
+ "additionalProperties": true,
+ "properties": {
+ "validation": {
+ "$ref": "#/components/schemas/ConnectionValidationOptions"
+ },
+ "non_persistent_attrs": {
+ "type": "array",
+ "description": "An array of user fields that should not be stored in the Auth0 database (https://auth0.com/docs/security/data-security/denylist)",
+ "items": {
+ "type": "string"
+ }
+ },
+ "precedence": {
+ "type": "array",
+ "description": "Order of precedence for attribute types. If the property is not specified, the default precedence of attributes will be used.",
+ "items": {
+ "$ref": "#/components/schemas/ConnectionIdentifierPrecedenceEnum"
+ }
+ },
+ "attributes": {
+ "$ref": "#/components/schemas/ConnectionAttributes"
+ },
+ "enable_script_context": {
+ "type": "boolean"
+ },
+ "enabledDatabaseCustomization": {
+ "type": "boolean",
+ "description": "Set to true to use a legacy user store"
+ },
+ "import_mode": {
+ "type": "boolean",
+ "description": "Enable this if you have a legacy user store and you want to gradually migrate those users to the Auth0 user store"
+ },
+ "customScripts": {
+ "$ref": "#/components/schemas/ConnectionCustomScripts"
+ },
+ "authentication_methods": {
+ "$ref": "#/components/schemas/ConnectionAuthenticationMethods"
+ },
+ "passkey_options": {
+ "$ref": "#/components/schemas/ConnectionPasskeyOptions"
+ },
+ "passwordPolicy": {
+ "$ref": "#/components/schemas/ConnectionPasswordPolicyEnum"
+ },
+ "password_complexity_options": {
+ "$ref": "#/components/schemas/ConnectionPasswordComplexityOptions"
+ },
+ "password_history": {
+ "$ref": "#/components/schemas/ConnectionPasswordHistoryOptions"
+ },
+ "password_no_personal_info": {
+ "$ref": "#/components/schemas/ConnectionPasswordNoPersonalInfoOptions"
+ },
+ "password_dictionary": {
+ "$ref": "#/components/schemas/ConnectionPasswordDictionaryOptions"
+ },
+ "api_enable_users": {
+ "type": "boolean"
+ },
+ "basic_profile": {
+ "type": "boolean"
+ },
+ "ext_admin": {
+ "type": "boolean"
+ },
+ "ext_is_suspended": {
+ "type": "boolean"
+ },
+ "ext_agreed_terms": {
+ "type": "boolean"
+ },
+ "ext_groups": {
+ "type": "boolean"
+ },
+ "ext_assigned_plans": {
+ "type": "boolean"
+ },
+ "ext_profile": {
+ "type": "boolean"
+ },
+ "disable_self_service_change_password": {
+ "type": "boolean"
+ },
+ "upstream_params": {
+ "$ref": "#/components/schemas/ConnectionUpstreamParams"
+ },
+ "set_user_root_attributes": {
+ "$ref": "#/components/schemas/ConnectionSetUserRootAttributesEnum"
+ },
+ "gateway_authentication": {
+ "$ref": "#/components/schemas/ConnectionGatewayAuthentication"
+ }
+ }
+ },
+ "UpdateConnectionRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "display_name": {
+ "type": "string",
+ "description": "The connection name used in the new universal login experience. If display_name is not included in the request, the field will be overwritten with the name value.",
+ "maxLength": 128
+ },
+ "options": {
+ "$ref": "#/components/schemas/UpdateConnectionOptions"
+ },
+ "enabled_clients": {
+ "type": "array",
+ "description": "DEPRECATED property. Use the PATCH /v2/connections/{id}/clients endpoint to enable or disable the connection for any clients.",
+ "x-release-lifecycle": "deprecated",
+ "items": {
+ "type": "string",
+ "description": "The client_id of the client to for which the connection is to be enabled",
+ "format": "client-id"
+ }
+ },
+ "is_domain_connection": {
+ "type": "boolean",
+ "description": "true promotes to a domain-level connection so that third-party applications can use it. false does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to false.)"
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to false.)"
+ },
+ "realms": {
+ "type": "array",
+ "description": "Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm.",
+ "items": {
+ "type": "string",
+ "description": "The realm where this connection belongs",
+ "format": "connection-realm"
+ }
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/ConnectionsMetadata"
+ }
+ }
+ },
+ "UpdateConnectionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the connection",
+ "default": "My connection"
+ },
+ "display_name": {
+ "type": "string",
+ "description": "Connection name used in login screen"
+ },
+ "options": {
+ "$ref": "#/components/schemas/ConnectionOptions"
+ },
+ "id": {
+ "type": "string",
+ "description": "The connection's identifier",
+ "default": "con_0000000000000001"
+ },
+ "strategy": {
+ "type": "string",
+ "description": "The type of the connection, related to the identity provider",
+ "default": "auth0"
+ },
+ "realms": {
+ "type": "array",
+ "description": "Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm.",
+ "items": {
+ "type": "string",
+ "description": "The realm where this connection belongs",
+ "format": "connection-realm"
+ }
+ },
+ "enabled_clients": {
+ "type": "array",
+ "description": "DEPRECATED property. Use the GET /connections/:id/clients endpoint to get the ids of the clients for which the connection is enabled",
+ "x-release-lifecycle": "deprecated",
+ "items": {
+ "type": "string",
+ "description": "The client id"
+ }
+ },
+ "is_domain_connection": {
+ "type": "boolean",
+ "description": "True if the connection is domain level"
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD."
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/ConnectionsMetadata"
+ }
+ }
+ },
+ "UpdateCustomDomainRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "tls_policy": {
+ "$ref": "#/components/schemas/CustomDomainTlsPolicyEnum"
+ },
+ "custom_client_ip_header": {
+ "$ref": "#/components/schemas/CustomDomainCustomClientIpHeader"
+ }
+ }
+ },
+ "UpdateCustomDomainResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "custom_domain_id",
+ "domain",
+ "primary",
+ "status",
+ "type",
+ "verification"
+ ],
+ "properties": {
+ "custom_domain_id": {
+ "type": "string",
+ "description": "ID of the custom domain.",
+ "default": "cd_0000000000000001"
+ },
+ "domain": {
+ "type": "string",
+ "description": "Domain name.",
+ "default": "login.mycompany.com"
+ },
+ "primary": {
+ "type": "boolean",
+ "description": "Whether this is a primary domain (true) or not (false).",
+ "default": false
+ },
+ "type": {
+ "$ref": "#/components/schemas/CustomDomainTypeEnum"
+ },
+ "verification": {
+ "$ref": "#/components/schemas/DomainVerification"
+ },
+ "custom_client_ip_header": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "The HTTP header to fetch the client's IP address"
+ },
+ "tls_policy": {
+ "type": "string",
+ "description": "The TLS version policy",
+ "default": "recommended"
+ }
+ }
+ },
+ "UpdateEmailProviderRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "$ref": "#/components/schemas/EmailProviderNameEnum"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether the provider is enabled (true) or disabled (false)."
+ },
+ "default_from_address": {
+ "type": "string",
+ "description": "Email address to use as \"from\" when no other address specified."
+ },
+ "credentials": {
+ "$ref": "#/components/schemas/EmailProviderCredentialsSchema"
+ },
+ "settings": {
+ "$ref": "#/components/schemas/EmailSpecificProviderSettingsWithAdditionalProperties"
+ }
+ }
+ },
+ "UpdateEmailProviderResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`.",
+ "default": "sendgrid"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether the provider is enabled (true) or disabled (false).",
+ "default": true
+ },
+ "default_from_address": {
+ "type": "string",
+ "description": "Email address to use as \"from\" when no other address specified."
+ },
+ "credentials": {
+ "$ref": "#/components/schemas/EmailProviderCredentials"
+ },
+ "settings": {
+ "$ref": "#/components/schemas/EmailProviderSettings"
+ }
+ }
+ },
+ "UpdateEmailTemplateRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "template": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ },
+ "body": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Body of the email template."
+ },
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Senders `from` email address.",
+ "default": "sender@auth0.com"
+ },
+ "resultUrl": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL to redirect the user to after a successful action."
+ },
+ "subject": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Subject line of the email."
+ },
+ "syntax": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Syntax of the template body.",
+ "default": "liquid"
+ },
+ "urlLifetimeInSeconds": {
+ "type": [
+ "number",
+ "null"
+ ],
+ "description": "Lifetime in seconds that the link within the email will be valid for."
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true."
+ },
+ "enabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether the template is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "UpdateEmailTemplateResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "template": {
+ "$ref": "#/components/schemas/EmailTemplateNameEnum"
+ },
+ "body": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Body of the email template."
+ },
+ "from": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Senders `from` email address.",
+ "default": "sender@auth0.com"
+ },
+ "resultUrl": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL to redirect the user to after a successful action."
+ },
+ "subject": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Subject line of the email."
+ },
+ "syntax": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Syntax of the template body.",
+ "default": "liquid"
+ },
+ "urlLifetimeInSeconds": {
+ "type": [
+ "number",
+ "null"
+ ],
+ "description": "Lifetime in seconds that the link within the email will be valid for."
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true."
+ },
+ "enabled": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether the template is enabled (true) or disabled (false)."
+ }
+ }
+ },
+ "UpdateEnabledClientConnectionsRequestContent": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "client_id",
+ "status"
+ ],
+ "properties": {
+ "client_id": {
+ "type": "string",
+ "description": "The client_id of the client to be the subject to change status",
+ "format": "client-id"
+ },
+ "status": {
+ "type": "boolean",
+ "description": "Whether the connection is enabled or not for this client_id"
+ }
+ }
+ }
+ },
+ "UpdateEventStreamRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the event stream.",
+ "minLength": 1,
+ "maxLength": 128
+ },
+ "subscriptions": {
+ "type": "array",
+ "description": "List of event types subscribed to in this stream.",
+ "items": {
+ "$ref": "#/components/schemas/EventStreamSubscription"
+ }
+ },
+ "destination": {
+ "$ref": "#/components/schemas/EventStreamDestinationPatch"
+ },
+ "status": {
+ "$ref": "#/components/schemas/EventStreamStatusEnum"
+ }
+ }
+ },
+ "UpdateEventStreamResponseContent": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/EventStreamWebhookResponseContent"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamEventBridgeResponseContent"
+ },
+ {
+ "$ref": "#/components/schemas/EventStreamActionResponseContent"
+ }
+ ]
+ },
+ "UpdateFlowRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "actions": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowAction"
+ }
+ }
+ }
+ },
+ "UpdateFlowResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "name",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "flow-id"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "actions": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/FlowAction"
+ }
+ },
+ "created_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "executed_at": {
+ "type": "string",
+ "format": "date"
+ }
+ }
+ },
+ "UpdateFlowsVaultConnectionRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "setup": {
+ "$ref": "#/components/schemas/UpdateFlowsVaultConnectionSetup"
+ }
+ }
+ },
+ "UpdateFlowsVaultConnectionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "app_id",
+ "name",
+ "ready",
+ "created_at",
+ "updated_at",
+ "fingerprint"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Flows Vault Connection identifier.",
+ "maxLength": 30,
+ "format": "flows-vault-connections-id"
+ },
+ "app_id": {
+ "type": "string",
+ "description": "Flows Vault Connection app identifier.",
+ "minLength": 1,
+ "maxLength": 55
+ },
+ "environment": {
+ "type": "string",
+ "description": "Flows Vault Connection environment.",
+ "minLength": 1,
+ "maxLength": 55
+ },
+ "name": {
+ "type": "string",
+ "description": "Flows Vault Connection name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "account_name": {
+ "type": "string",
+ "description": "Flows Vault Connection custom account name.",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "ready": {
+ "type": "boolean",
+ "description": "Whether the Flows Vault Connection is configured."
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was created.",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was updated.",
+ "format": "date-time"
+ },
+ "refreshed_at": {
+ "type": "string",
+ "description": "The ISO 8601 formatted date when this Flows Vault Connection was refreshed.",
+ "format": "date-time"
+ },
+ "fingerprint": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "UpdateFlowsVaultConnectionSetup": {
+ "type": "object",
+ "description": "Flows Vault Connection configuration.",
+ "anyOf": [
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupApiKeyWithBaseUrl"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthApp"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupBigqueryOauthJwt"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupSecretApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupHttpBearer"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupJwt"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupMailjetApiKey"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupToken"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupWebhook"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupStripeKeyPair"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupOauthCode"
+ },
+ {
+ "$ref": "#/components/schemas/FlowsVaultConnectioSetupTwilioApiKey"
+ }
+ ]
+ },
+ "UpdateFormRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "messages": {
+ "$ref": "#/components/schemas/FormMessagesNullable"
+ },
+ "languages": {
+ "$ref": "#/components/schemas/FormLanguagesNullable"
+ },
+ "translations": {
+ "$ref": "#/components/schemas/FormTranslationsNullable"
+ },
+ "nodes": {
+ "$ref": "#/components/schemas/FormNodeListNullable"
+ },
+ "start": {
+ "$ref": "#/components/schemas/FormStartNodeNullable"
+ },
+ "ending": {
+ "$ref": "#/components/schemas/FormEndingNodeNullable"
+ },
+ "style": {
+ "$ref": "#/components/schemas/FormStyleNullable"
+ }
+ }
+ },
+ "UpdateFormResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "name",
+ "created_at",
+ "updated_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "maxLength": 30,
+ "format": "form-id"
+ },
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "messages": {
+ "$ref": "#/components/schemas/FormMessages"
+ },
+ "languages": {
+ "$ref": "#/components/schemas/FormLanguages"
+ },
+ "translations": {
+ "$ref": "#/components/schemas/FormTranslations"
+ },
+ "nodes": {
+ "$ref": "#/components/schemas/FormNodeList"
+ },
+ "start": {
+ "$ref": "#/components/schemas/FormStartNode"
+ },
+ "ending": {
+ "$ref": "#/components/schemas/FormEndingNode"
+ },
+ "style": {
+ "$ref": "#/components/schemas/FormStyle"
+ },
+ "created_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "embedded_at": {
+ "type": "string",
+ "format": "date"
+ },
+ "submitted_at": {
+ "type": "string",
+ "format": "date"
+ }
+ }
+ },
+ "UpdateGuardianFactorDuoSettingsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "ikey": {
+ "type": "string",
+ "maxLength": 10000
+ },
+ "skey": {
+ "type": "string",
+ "maxLength": 10000,
+ "format": "non-empty-string"
+ },
+ "host": {
+ "type": "string",
+ "maxLength": 10000
+ }
+ }
+ },
+ "UpdateGuardianFactorDuoSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "ikey": {
+ "type": "string",
+ "maxLength": 10000
+ },
+ "skey": {
+ "type": "string",
+ "maxLength": 10000,
+ "format": "non-empty-string"
+ },
+ "host": {
+ "type": "string",
+ "maxLength": 10000
+ }
+ }
+ },
+ "UpdateGuardianFactorsProviderPushNotificationSnsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "aws_access_key_id": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_secret_access_key": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "B1ER5JHDGJL3C4sVAKK7SBsq806R3IpL",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_region": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "us-west-1",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_apns_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_gcm_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "urn://yRMeBxgcCXh8MeTXPBAxhQnm6gP6f5nP",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "UpdateGuardianFactorsProviderPushNotificationSnsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "aws_access_key_id": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "wywA2BH4VqTpfywiDuyDAYZL3xQjoO40",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_secret_access_key": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "B1ER5JHDGJL3C4sVAKK7SBsq806R3IpL",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "aws_region": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "us-west-1",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_apns_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "sns_gcm_platform_application_arn": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "default": "urn://yRMeBxgcCXh8MeTXPBAxhQnm6gP6f5nP",
+ "minLength": 1,
+ "maxLength": 1000
+ }
+ }
+ },
+ "UpdateHookRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of this hook.",
+ "default": "my-hook"
+ },
+ "script": {
+ "type": "string",
+ "description": "Code to be executed when this hook runs.",
+ "default": "module.exports = function(client, scope, audience, context, cb) cb(null, access_token); };",
+ "minLength": 1
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether this hook will be executed (true) or ignored (false).",
+ "default": false
+ },
+ "dependencies": {
+ "$ref": "#/components/schemas/HookDependencies"
+ }
+ }
+ },
+ "UpdateHookResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "triggerId": {
+ "type": "string",
+ "description": "Trigger ID"
+ },
+ "id": {
+ "type": "string",
+ "description": "ID of this hook.",
+ "default": "00001"
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this hook.",
+ "default": "hook"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether this hook will be executed (true) or ignored (false).",
+ "default": true
+ },
+ "script": {
+ "type": "string",
+ "description": "Code to be executed when this hook runs.",
+ "default": "module.exports = function(client, scope, audience, context, cb) cb(null, access_token); };"
+ },
+ "dependencies": {
+ "$ref": "#/components/schemas/HookDependencies"
+ }
+ }
+ },
+ "UpdateHookSecretRequestContent": {
+ "type": "object",
+ "description": "Hashmap of key-value pairs where the value must be a string.",
+ "additionalProperties": true
+ },
+ "UpdateLogStreamRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "log stream name"
+ },
+ "status": {
+ "$ref": "#/components/schemas/LogStreamStatusEnum"
+ },
+ "isPriority": {
+ "type": "boolean",
+ "description": "True for priority log streams, false for non-priority"
+ },
+ "filters": {
+ "type": "array",
+ "description": "Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered.",
+ "items": {
+ "$ref": "#/components/schemas/LogStreamFilter"
+ }
+ },
+ "pii_config": {
+ "$ref": "#/components/schemas/LogStreamPiiConfig"
+ },
+ "sink": {
+ "$ref": "#/components/schemas/LogStreamSinkPatch"
+ }
+ }
+ },
+ "UpdateLogStreamResponseContent": {
+ "oneOf": [
+ {
+ "$ref": "#/components/schemas/LogStreamHttpResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamEventBridgeResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamEventGridResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamDatadogResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamSplunkResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamSumoResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamSegmentResponseSchema"
+ },
+ {
+ "$ref": "#/components/schemas/LogStreamMixpanelResponseSchema"
+ }
+ ]
+ },
+ "UpdateNetworkAclRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "description": {
+ "type": "string",
+ "maxLength": 255
+ },
+ "active": {
+ "type": "boolean",
+ "description": "Indicates whether or not this access control list is actively being used"
+ },
+ "priority": {
+ "type": "number",
+ "description": "Indicates the order in which the ACL will be evaluated relative to other ACL rules."
+ },
+ "rule": {
+ "$ref": "#/components/schemas/NetworkAclRule"
+ }
+ }
+ },
+ "UpdateNetworkAclResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "description": {
+ "type": "string"
+ },
+ "active": {
+ "type": "boolean"
+ },
+ "priority": {
+ "type": "number"
+ },
+ "rule": {
+ "$ref": "#/components/schemas/NetworkAclRule"
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The timestamp when the Network ACL Configuration was created"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The timestamp when the Network ACL Configuration was last updated"
+ }
+ }
+ },
+ "UpdateOrganizationConnectionRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "assign_membership_on_login": {
+ "type": "boolean",
+ "description": "When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection."
+ },
+ "is_signup_enabled": {
+ "type": "boolean",
+ "description": "Determines whether organization signup should be enabled for this organization connection. Only applicable for database connections. Default: false."
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true."
+ }
+ }
+ },
+ "UpdateOrganizationConnectionResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "description": "ID of the connection."
+ },
+ "assign_membership_on_login": {
+ "type": "boolean",
+ "description": "When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection."
+ },
+ "show_as_button": {
+ "type": "boolean",
+ "description": "Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true."
+ },
+ "is_signup_enabled": {
+ "type": "boolean",
+ "description": "Determines whether organization signup should be enabled for this organization connection. Only applicable for database connections. Default: false."
+ },
+ "connection": {
+ "$ref": "#/components/schemas/OrganizationConnectionInformation"
+ }
+ }
+ },
+ "UpdateOrganizationDiscoveryDomainRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "status": {
+ "$ref": "#/components/schemas/OrganizationDiscoveryDomainStatus"
+ }
+ }
+ },
+ "UpdateOrganizationDiscoveryDomainResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "domain",
+ "status",
+ "verification_host",
+ "verification_txt"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Organization discovery domain identifier.",
+ "format": "organization-discovery-domain-id"
+ },
+ "domain": {
+ "type": "string",
+ "description": "The domain name to associate with the organization e.g. acme.com.",
+ "minLength": 3,
+ "maxLength": 255
+ },
+ "status": {
+ "$ref": "#/components/schemas/OrganizationDiscoveryDomainStatus"
+ },
+ "verification_txt": {
+ "type": "string",
+ "description": "A unique token generated for the discovery domain. This must be placed in a DNS TXT record at the location specified by the verification_host field to prove domain ownership."
+ },
+ "verification_host": {
+ "type": "string",
+ "description": "The full domain where the TXT record should be added."
+ }
+ }
+ },
+ "UpdateOrganizationRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "display_name": {
+ "type": "string",
+ "description": "Friendly name of this organization.",
+ "default": "Acme Users",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of this organization.",
+ "default": "organization-1",
+ "minLength": 1,
+ "maxLength": 50,
+ "format": "organization-name"
+ },
+ "branding": {
+ "$ref": "#/components/schemas/OrganizationBranding"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/OrganizationMetadata"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/UpdateTokenQuota"
+ }
+ }
+ },
+ "UpdateOrganizationResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "Organization identifier.",
+ "maxLength": 50,
+ "format": "organization-id"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of this organization.",
+ "default": "organization-1",
+ "minLength": 1,
+ "maxLength": 50,
+ "format": "organization-name"
+ },
+ "display_name": {
+ "type": "string",
+ "description": "Friendly name of this organization.",
+ "default": "Acme Users",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "branding": {
+ "$ref": "#/components/schemas/OrganizationBranding"
+ },
+ "metadata": {
+ "$ref": "#/components/schemas/OrganizationMetadata"
+ },
+ "token_quota": {
+ "$ref": "#/components/schemas/TokenQuota"
+ }
+ }
+ },
+ "UpdatePhoneTemplateRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "content": {
+ "$ref": "#/components/schemas/PartialPhoneTemplateContent"
+ },
+ "disabled": {
+ "type": "boolean",
+ "description": "Whether the template is enabled (false) or disabled (true).",
+ "default": false
+ }
+ }
+ },
+ "UpdatePhoneTemplateResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "content",
+ "disabled",
+ "id",
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "channel": {
+ "type": "string"
+ },
+ "customizable": {
+ "type": "boolean"
+ },
+ "tenant": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "content": {
+ "$ref": "#/components/schemas/PhoneTemplateContent"
+ },
+ "type": {
+ "$ref": "#/components/schemas/PhoneTemplateNotificationTypeEnum"
+ },
+ "disabled": {
+ "type": "boolean",
+ "description": "Whether the template is enabled (false) or disabled (true).",
+ "default": false
+ }
+ }
+ },
+ "UpdateResourceServerRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Friendly name for this resource server. Can not contain `<` or `>` characters.",
+ "maxLength": 200
+ },
+ "scopes": {
+ "type": "array",
+ "description": "List of permissions (scopes) that this API uses.",
+ "items": {
+ "$ref": "#/components/schemas/ResourceServerScope"
+ }
+ },
+ "signing_alg": {
+ "$ref": "#/components/schemas/SigningAlgorithmEnum"
+ },
+ "signing_secret": {
+ "type": "string",
+ "description": "Secret used to sign tokens when using symmetric algorithms (HS256).",
+ "minLength": 16
+ },
+ "skip_consent_for_verifiable_first_party_clients": {
+ "type": "boolean",
+ "description": "Whether to skip user consent for applications flagged as first party (true) or not (false)."
+ },
+ "allow_offline_access": {
+ "type": "boolean",
+ "description": "Whether refresh tokens can be issued for this API (true) or not (false)."
+ },
+ "token_lifetime": {
+ "type": "integer",
+ "description": "Expiration value (in seconds) for access tokens issued for this API from the token endpoint."
+ },
+ "token_dialect": {
+ "$ref": "#/components/schemas/ResourceServerTokenDialectSchemaEnum"
+ },
+ "enforce_policies": {
+ "type": "boolean",
+ "description": "Whether authorization policies are enforced (true) or not enforced (false)."
+ },
+ "token_encryption": {
+ "$ref": "#/components/schemas/ResourceServerTokenEncryption"
+ },
+ "consent_policy": {
+ "$ref": "#/components/schemas/ResourceServerConsentPolicyEnum"
+ },
+ "authorization_details": {
+ "type": "array",
+ "items": {}
+ },
+ "proof_of_possession": {
+ "$ref": "#/components/schemas/ResourceServerProofOfPossession"
+ },
+ "subject_type_authorization": {
+ "$ref": "#/components/schemas/ResourceServerSubjectTypeAuthorization"
+ }
+ }
+ },
+ "UpdateResourceServerResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of the API (resource server)."
+ },
+ "name": {
+ "type": "string",
+ "description": "Friendly name for this resource server. Can not contain `<` or `>` characters."
+ },
+ "is_system": {
+ "type": "boolean",
+ "description": "Whether this is an Auth0 system API (true) or a custom API (false)."
+ },
+ "identifier": {
+ "type": "string",
+ "description": "Unique identifier for the API used as the audience parameter on authorization calls. Can not be changed once set."
+ },
+ "scopes": {
+ "type": "array",
+ "description": "List of permissions (scopes) that this API uses.",
+ "items": {
+ "$ref": "#/components/schemas/ResourceServerScope"
+ }
+ },
+ "signing_alg": {
+ "$ref": "#/components/schemas/SigningAlgorithmEnum"
+ },
+ "signing_secret": {
+ "type": "string",
+ "description": "Secret used to sign tokens when using symmetric algorithms (HS256).",
+ "minLength": 16
+ },
+ "allow_offline_access": {
+ "type": "boolean",
+ "description": "Whether refresh tokens can be issued for this API (true) or not (false)."
+ },
+ "skip_consent_for_verifiable_first_party_clients": {
+ "type": "boolean",
+ "description": "Whether to skip user consent for applications flagged as first party (true) or not (false)."
+ },
+ "token_lifetime": {
+ "type": "integer",
+ "description": "Expiration value (in seconds) for access tokens issued for this API from the token endpoint."
+ },
+ "token_lifetime_for_web": {
+ "type": "integer",
+ "description": "Expiration value (in seconds) for access tokens issued for this API via Implicit or Hybrid Flows. Cannot be greater than the `token_lifetime` value."
+ },
+ "enforce_policies": {
+ "type": "boolean",
+ "description": "Whether authorization polices are enforced (true) or unenforced (false)."
+ },
+ "token_dialect": {
+ "$ref": "#/components/schemas/ResourceServerTokenDialectResponseEnum"
+ },
+ "token_encryption": {
+ "$ref": "#/components/schemas/ResourceServerTokenEncryption"
+ },
+ "consent_policy": {
+ "$ref": "#/components/schemas/ResourceServerConsentPolicyEnum"
+ },
+ "authorization_details": {
+ "type": "array",
+ "items": {}
+ },
+ "proof_of_possession": {
+ "$ref": "#/components/schemas/ResourceServerProofOfPossession"
+ },
+ "subject_type_authorization": {
+ "$ref": "#/components/schemas/ResourceServerSubjectTypeAuthorization"
+ }
+ }
+ },
+ "UpdateRoleRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of this role."
+ },
+ "description": {
+ "type": "string",
+ "description": "Description of this role."
+ }
+ }
+ },
+ "UpdateRoleResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID for this role."
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this role."
+ },
+ "description": {
+ "type": "string",
+ "description": "Description of this role."
+ }
+ }
+ },
+ "UpdateRuleRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "script": {
+ "type": "string",
+ "description": "Code to be executed when this rule runs.",
+ "default": "function (user, context, callback) {\n callback(null, user, context);\n}",
+ "minLength": 1
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this rule.",
+ "default": "my-rule"
+ },
+ "order": {
+ "type": "number",
+ "description": "Order that this rule should execute in relative to other rules. Lower-valued rules execute first.",
+ "default": 2
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether the rule is enabled (true), or disabled (false).",
+ "default": true
+ }
+ }
+ },
+ "UpdateRuleResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of this rule.",
+ "default": "rule_1"
+ },
+ "id": {
+ "type": "string",
+ "description": "ID of this rule.",
+ "default": "con_0000000000000001"
+ },
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether the rule is enabled (true), or disabled (false).",
+ "default": true
+ },
+ "script": {
+ "type": "string",
+ "description": "Code to be executed when this rule runs.",
+ "default": "function (user, context, callback) {\n callback(null, user, context);\n}"
+ },
+ "order": {
+ "type": "number",
+ "description": "Order that this rule should execute in relative to other rules. Lower-valued rules execute first.",
+ "default": 1
+ },
+ "stage": {
+ "type": "string",
+ "description": "Execution stage of this rule. Can be `login_success`, `login_failure`, or `pre_authorize`.",
+ "default": "login_success"
+ }
+ }
+ },
+ "UpdateScimConfigurationRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "user_id_attribute",
+ "mapping"
+ ],
+ "properties": {
+ "user_id_attribute": {
+ "type": "string",
+ "description": "User ID attribute for generating unique user ids"
+ },
+ "mapping": {
+ "type": "array",
+ "description": "The mapping between auth0 and SCIM",
+ "items": {
+ "$ref": "#/components/schemas/ScimMappingItem"
+ }
+ }
+ }
+ },
+ "UpdateScimConfigurationResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "connection_id": {
+ "type": "string",
+ "description": "The connection's identifier"
+ },
+ "connection_name": {
+ "type": "string",
+ "description": "The connection's identifier"
+ },
+ "strategy": {
+ "type": "string",
+ "description": "The connection's strategy"
+ },
+ "tenant_name": {
+ "type": "string",
+ "description": "The tenant's name"
+ },
+ "user_id_attribute": {
+ "type": "string",
+ "description": "User ID attribute for generating unique user ids"
+ },
+ "mapping": {
+ "type": "array",
+ "description": "The mapping between auth0 and SCIM",
+ "items": {
+ "$ref": "#/components/schemas/ScimMappingItem"
+ }
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The Date Time Scim Configuration was created"
+ },
+ "updated_on": {
+ "type": "string",
+ "description": "The Date Time Scim Configuration was last updated"
+ }
+ }
+ },
+ "UpdateSelfServiceProfileRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the self-service Profile.",
+ "minLength": 1,
+ "maxLength": 100
+ },
+ "description": {
+ "$ref": "#/components/schemas/SelfServiceProfileDescription"
+ },
+ "branding": {
+ "$ref": "#/components/schemas/SelfServiceProfileBranding"
+ },
+ "allowed_strategies": {
+ "type": "array",
+ "description": "List of IdP strategies that will be shown to users during the Self-Service SSO flow. Possible values: [`oidc`, `samlp`, `waad`, `google-apps`, `adfs`, `okta`, `keycloak-samlp`, `pingfederate`]",
+ "items": {
+ "$ref": "#/components/schemas/SelfServiceProfileAllowedStrategyEnum"
+ }
+ },
+ "user_attributes": {
+ "$ref": "#/components/schemas/SelfServiceProfileUserAttributes"
+ }
+ }
+ },
+ "UpdateSelfServiceProfileResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The unique ID of the self-service Profile.",
+ "default": "ssp_n7SNCL8seoyV1TuSTCnAeo"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of the self-service Profile."
+ },
+ "description": {
+ "type": "string",
+ "description": "The description of the self-service Profile."
+ },
+ "user_attributes": {
+ "type": "array",
+ "description": "List of attributes to be mapped that will be shown to the user during the SS-SSO flow.",
+ "items": {
+ "$ref": "#/components/schemas/SelfServiceProfileUserAttribute"
+ }
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The time when this self-service Profile was created.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The time when this self-service Profile was updated.",
+ "default": "2021-01-01T00:00:00.000Z",
+ "format": "date-time"
+ },
+ "branding": {
+ "$ref": "#/components/schemas/SelfServiceProfileBrandingProperties"
+ },
+ "allowed_strategies": {
+ "type": "array",
+ "description": "List of IdP strategies that will be shown to users during the Self-Service SSO flow. Possible values: [`oidc`, `samlp`, `waad`, `google-apps`, `adfs`, `okta`, `keycloak-samlp`, `pingfederate`]",
+ "items": {
+ "$ref": "#/components/schemas/SelfServiceProfileAllowedStrategyEnum"
+ }
+ }
+ }
+ },
+ "UpdateSettingsRequestContent": {
+ "type": "object",
+ "description": "Prompts settings",
+ "additionalProperties": false,
+ "properties": {
+ "universal_login_experience": {
+ "$ref": "#/components/schemas/UniversalLoginExperienceEnum"
+ },
+ "identifier_first": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether identifier first is enabled or not"
+ },
+ "webauthn_platform_first_factor": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Use WebAuthn with Device Biometrics as the first authentication factor"
+ }
+ }
+ },
+ "UpdateSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "universal_login_experience": {
+ "$ref": "#/components/schemas/UniversalLoginExperienceEnum"
+ },
+ "identifier_first": {
+ "type": "boolean",
+ "description": "Whether identifier first is enabled or not"
+ },
+ "webauthn_platform_first_factor": {
+ "type": "boolean",
+ "description": "Use WebAuthn with Device Biometrics as the first authentication factor"
+ }
+ }
+ },
+ "UpdateSupplementalSignalsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "akamai_enabled"
+ ],
+ "properties": {
+ "akamai_enabled": {
+ "type": "boolean",
+ "description": "Indicates if incoming Akamai Headers should be processed"
+ }
+ }
+ },
+ "UpdateSuspiciousIPThrottlingSettingsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether or not suspicious IP throttling attack protections are active."
+ },
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a suspicious IP throttling threshold is violated.\n Possible values: block, admin_notification.",
+ "items": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingShieldsEnum"
+ }
+ },
+ "allowlist": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingAllowlist"
+ },
+ "stage": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingStage"
+ }
+ }
+ },
+ "UpdateSuspiciousIPThrottlingSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Whether or not suspicious IP throttling attack protections are active."
+ },
+ "shields": {
+ "type": "array",
+ "description": "Action to take when a suspicious IP throttling threshold is violated.\n Possible values: block, admin_notification.",
+ "items": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingShieldsEnum"
+ }
+ },
+ "allowlist": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingAllowlist"
+ },
+ "stage": {
+ "$ref": "#/components/schemas/SuspiciousIPThrottlingStage"
+ }
+ }
+ },
+ "UpdateTenantSettingsRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "change_password": {
+ "$ref": "#/components/schemas/TenantSettingsPasswordPage"
+ },
+ "device_flow": {
+ "$ref": "#/components/schemas/TenantSettingsDeviceFlow"
+ },
+ "guardian_mfa_page": {
+ "$ref": "#/components/schemas/TenantSettingsGuardianPage"
+ },
+ "default_audience": {
+ "type": "string",
+ "description": "Default audience for API Authorization.",
+ "default": ""
+ },
+ "default_directory": {
+ "type": "string",
+ "description": "Name of connection used for password grants at the `/token` endpoint. The following connection types are supported: LDAP, AD, Database Connections, Passwordless, Windows Azure Active Directory, ADFS.",
+ "default": ""
+ },
+ "error_page": {
+ "$ref": "#/components/schemas/TenantSettingsErrorPage"
+ },
+ "default_token_quota": {
+ "$ref": "#/components/schemas/DefaultTokenQuota"
+ },
+ "flags": {
+ "$ref": "#/components/schemas/TenantSettingsFlags"
+ },
+ "friendly_name": {
+ "type": "string",
+ "description": "Friendly name for this tenant.",
+ "default": "My Company"
+ },
+ "picture_url": {
+ "type": "string",
+ "description": "URL of logo to be shown for this tenant (recommended size: 150x150)",
+ "default": "https://mycompany.org/logo.png",
+ "format": "absolute-uri-or-empty"
+ },
+ "support_email": {
+ "type": "string",
+ "description": "End-user support email.",
+ "default": "support@mycompany.org",
+ "format": "email-or-empty"
+ },
+ "support_url": {
+ "type": "string",
+ "description": "End-user support url.",
+ "default": "https://mycompany.org/support",
+ "format": "absolute-uri-or-empty"
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "URLs that are valid to redirect to after logout from Auth0.",
+ "items": {
+ "type": "string",
+ "format": "url"
+ }
+ },
+ "session_lifetime": {
+ "type": "integer",
+ "description": "Number of hours a session will stay valid.",
+ "default": 168
+ },
+ "idle_session_lifetime": {
+ "type": "integer",
+ "description": "Number of hours for which a session can be inactive before the user must log in again.",
+ "default": 72
+ },
+ "ephemeral_session_lifetime": {
+ "type": "integer",
+ "description": "Number of hours an ephemeral (non-persistent) session will stay valid.",
+ "default": 72
+ },
+ "idle_ephemeral_session_lifetime": {
+ "type": "integer",
+ "description": "Number of hours for which an ephemeral (non-persistent) session can be inactive before the user must log in again.",
+ "default": 24
+ },
+ "sandbox_version": {
+ "type": "string",
+ "description": "Selected sandbox version for the extensibility environment",
+ "default": "22",
+ "maxLength": 8
+ },
+ "legacy_sandbox_version": {
+ "type": "string",
+ "description": "Selected legacy sandbox version for the extensibility environment",
+ "maxLength": 8
+ },
+ "default_redirection_uri": {
+ "type": "string",
+ "description": "The default absolute redirection uri, must be https",
+ "format": "absolute-https-uri-or-empty"
+ },
+ "enabled_locales": {
+ "type": "array",
+ "description": "Supported locales for the user interface",
+ "items": {
+ "type": "string",
+ "enum": [
+ "am",
+ "ar",
+ "ar-EG",
+ "ar-SA",
+ "az",
+ "bg",
+ "bn",
+ "bs",
+ "ca-ES",
+ "cnr",
+ "cs",
+ "cy",
+ "da",
+ "de",
+ "el",
+ "en",
+ "en-CA",
+ "es",
+ "es-419",
+ "es-AR",
+ "es-MX",
+ "et",
+ "eu-ES",
+ "fa",
+ "fi",
+ "fr",
+ "fr-CA",
+ "fr-FR",
+ "gl-ES",
+ "gu",
+ "he",
+ "hi",
+ "hr",
+ "hu",
+ "hy",
+ "id",
+ "is",
+ "it",
+ "ja",
+ "ka",
+ "kk",
+ "kn",
+ "ko",
+ "lt",
+ "lv",
+ "mk",
+ "ml",
+ "mn",
+ "mr",
+ "ms",
+ "my",
+ "nb",
+ "nl",
+ "nn",
+ "no",
+ "pa",
+ "pl",
+ "pt",
+ "pt-BR",
+ "pt-PT",
+ "ro",
+ "ru",
+ "sk",
+ "sl",
+ "so",
+ "sq",
+ "sr",
+ "sv",
+ "sw",
+ "ta",
+ "te",
+ "th",
+ "tl",
+ "tr",
+ "uk",
+ "ur",
+ "vi",
+ "zgh",
+ "zh-CN",
+ "zh-HK",
+ "zh-TW"
+ ]
+ }
+ },
+ "session_cookie": {
+ "$ref": "#/components/schemas/SessionCookieSchema"
+ },
+ "sessions": {
+ "$ref": "#/components/schemas/TenantSettingsSessions"
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/TenantOIDCLogoutSettings"
+ },
+ "customize_mfa_in_postlogin_action": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether to enable flexible factors for MFA in the PostLogin action",
+ "default": false
+ },
+ "allow_organization_name_in_authentication_api": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Whether to accept an organization name instead of an ID on auth endpoints",
+ "default": false
+ },
+ "acr_values_supported": {
+ "type": "array",
+ "description": "Supported ACR values",
+ "items": {
+ "type": "string",
+ "format": "acr"
+ }
+ },
+ "mtls": {
+ "$ref": "#/components/schemas/TenantSettingsMTLS"
+ },
+ "pushed_authorization_requests_supported": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Enables the use of Pushed Authorization Requests",
+ "default": false
+ },
+ "authorization_response_iss_parameter_supported": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Supports iss parameter in authorization responses",
+ "default": false
+ }
+ }
+ },
+ "UpdateTenantSettingsResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "change_password": {
+ "$ref": "#/components/schemas/TenantSettingsPasswordPage"
+ },
+ "guardian_mfa_page": {
+ "$ref": "#/components/schemas/TenantSettingsGuardianPage"
+ },
+ "default_audience": {
+ "type": "string",
+ "description": "Default audience for API authorization.",
+ "default": ""
+ },
+ "default_directory": {
+ "type": "string",
+ "description": "Name of connection used for password grants at the `/token`endpoint. The following connection types are supported: LDAP, AD, Database Connections, Passwordless, Windows Azure Active Directory, ADFS.",
+ "default": ""
+ },
+ "error_page": {
+ "$ref": "#/components/schemas/TenantSettingsErrorPage"
+ },
+ "device_flow": {
+ "$ref": "#/components/schemas/TenantSettingsDeviceFlow"
+ },
+ "default_token_quota": {
+ "$ref": "#/components/schemas/DefaultTokenQuota"
+ },
+ "flags": {
+ "$ref": "#/components/schemas/TenantSettingsFlags"
+ },
+ "friendly_name": {
+ "type": "string",
+ "description": "Friendly name for this tenant.",
+ "default": "My Company"
+ },
+ "picture_url": {
+ "type": "string",
+ "description": "URL of logo to be shown for this tenant (recommended size: 150x150)",
+ "default": "https://mycompany.org/logo.png",
+ "format": "absolute-uri-or-empty"
+ },
+ "support_email": {
+ "type": "string",
+ "description": "End-user support email address.",
+ "default": "support@mycompany.org",
+ "format": "email-or-empty"
+ },
+ "support_url": {
+ "type": "string",
+ "description": "End-user support URL.",
+ "default": "https://mycompany.org/support",
+ "format": "absolute-uri-or-empty"
+ },
+ "allowed_logout_urls": {
+ "type": "array",
+ "description": "URLs that are valid to redirect to after logout from Auth0.",
+ "items": {
+ "type": "string",
+ "format": "url"
+ }
+ },
+ "session_lifetime": {
+ "type": "number",
+ "description": "Number of hours a session will stay valid.",
+ "default": 168
+ },
+ "idle_session_lifetime": {
+ "type": "number",
+ "description": "Number of hours for which a session can be inactive before the user must log in again.",
+ "default": 72
+ },
+ "ephemeral_session_lifetime": {
+ "type": "number",
+ "description": "Number of hours an ephemeral (non-persistent) session will stay valid.",
+ "default": 72
+ },
+ "idle_ephemeral_session_lifetime": {
+ "type": "number",
+ "description": "Number of hours for which an ephemeral (non-persistent) session can be inactive before the user must log in again.",
+ "default": 24
+ },
+ "sandbox_version": {
+ "type": "string",
+ "description": "Selected sandbox version for the extensibility environment.",
+ "default": "22"
+ },
+ "legacy_sandbox_version": {
+ "type": "string",
+ "description": "Selected sandbox version for rules and hooks extensibility.",
+ "default": ""
+ },
+ "sandbox_versions_available": {
+ "type": "array",
+ "description": "Available sandbox versions for the extensibility environment.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "default_redirection_uri": {
+ "type": "string",
+ "description": "The default absolute redirection uri, must be https"
+ },
+ "enabled_locales": {
+ "type": "array",
+ "description": "Supported locales for the user interface.",
+ "items": {
+ "$ref": "#/components/schemas/SupportedLocales"
+ }
+ },
+ "session_cookie": {
+ "$ref": "#/components/schemas/SessionCookieSchema"
+ },
+ "sessions": {
+ "$ref": "#/components/schemas/TenantSettingsSessions"
+ },
+ "oidc_logout": {
+ "$ref": "#/components/schemas/TenantOIDCLogoutSettings"
+ },
+ "allow_organization_name_in_authentication_api": {
+ "type": "boolean",
+ "description": "Whether to accept an organization name instead of an ID on auth endpoints",
+ "default": false
+ },
+ "customize_mfa_in_postlogin_action": {
+ "type": "boolean",
+ "description": "Whether to enable flexible factors for MFA in the PostLogin action",
+ "default": false
+ },
+ "acr_values_supported": {
+ "type": "array",
+ "description": "Supported ACR values",
+ "items": {
+ "type": "string",
+ "format": "acr"
+ }
+ },
+ "mtls": {
+ "$ref": "#/components/schemas/TenantSettingsMTLS"
+ },
+ "pushed_authorization_requests_supported": {
+ "type": "boolean",
+ "description": "Enables the use of Pushed Authorization Requests",
+ "default": false
+ },
+ "authorization_response_iss_parameter_supported": {
+ "type": [
+ "boolean",
+ "null"
+ ],
+ "description": "Supports iss parameter in authorization responses",
+ "default": false
+ }
+ }
+ },
+ "UpdateTokenExchangeProfileRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Friendly name of this profile.",
+ "default": "Token Exchange Profile 1",
+ "minLength": 3,
+ "maxLength": 50
+ },
+ "subject_token_type": {
+ "type": "string",
+ "description": "Subject token type for this profile. When receiving a token exchange request on the Authentication API, the corresponding token exchange profile with a matching subject_token_type will be executed. This must be a URI.",
+ "minLength": 8,
+ "maxLength": 100,
+ "format": "url"
+ }
+ }
+ },
+ "UpdateTokenQuota": {
+ "type": [
+ "object",
+ "null"
+ ],
+ "additionalProperties": false,
+ "required": [
+ "client_credentials"
+ ],
+ "x-release-lifecycle": "EA",
+ "properties": {
+ "client_credentials": {
+ "$ref": "#/components/schemas/TokenQuotaClientCredentials"
+ }
+ }
+ },
+ "UpdateUniversalLoginTemplateRequestContent": {
+ "oneOf": [
+ {
+ "type": "string",
+ "maxLength": 102400
+ },
+ {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "template"
+ ],
+ "properties": {
+ "template": {
+ "type": "string",
+ "maxLength": 102400
+ }
+ }
+ }
+ ]
+ },
+ "UpdateUserAuthenticationMethodRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "A human-readable label to identify the authentication method."
+ },
+ "preferred_authentication_method": {
+ "$ref": "#/components/schemas/PreferredAuthenticationMethodEnum"
+ }
+ }
+ },
+ "UpdateUserAuthenticationMethodResponseContent": {
+ "type": "object",
+ "description": "The successfully created authentication method.",
+ "additionalProperties": false,
+ "required": [
+ "type"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The ID of the newly created authentication method (automatically generated by the application)",
+ "format": "authenticator-id"
+ },
+ "type": {
+ "$ref": "#/components/schemas/CreatedAuthenticationMethodTypeEnum"
+ },
+ "name": {
+ "type": "string",
+ "description": "A human-readable label to identify the authentication method."
+ },
+ "totp_secret": {
+ "type": "string",
+ "description": "Base32 encoded secret for TOTP generation"
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Applies to phone authentication methods only. The destination phone number used to send verification codes via text and voice.",
+ "minLength": 2,
+ "maxLength": 30
+ },
+ "email": {
+ "type": "string",
+ "description": "Applies to email authentication methods only. The email address used to send verification messages."
+ },
+ "authentication_methods": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/UserAuthenticationMethodProperties"
+ }
+ },
+ "preferred_authentication_method": {
+ "$ref": "#/components/schemas/PreferredAuthenticationMethodEnum"
+ },
+ "key_id": {
+ "type": "string",
+ "description": "Applies to webauthn authentication methods only. The id of the credential."
+ },
+ "public_key": {
+ "type": "string",
+ "description": "Applies to webauthn authentication methods only. The public key."
+ },
+ "relying_party_identifier": {
+ "type": "string",
+ "description": "Applies to webauthn authentication methods only. The relying party identifier."
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Authentication method creation date",
+ "format": "date-time"
+ }
+ }
+ },
+ "UpdateUserRequestContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "blocked": {
+ "type": "boolean",
+ "description": "Whether this user was blocked by an administrator (true) or not (false).",
+ "default": false
+ },
+ "email_verified": {
+ "type": "boolean",
+ "description": "Whether this email address is verified (true) or unverified (false). If set to false the user will not receive a verification email unless `verify_email` is set to true.",
+ "default": false
+ },
+ "email": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Email address of this user.",
+ "default": "john.doe@gmail.com",
+ "format": "email"
+ },
+ "phone_number": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "The user's phone number (following the E.164 recommendation).",
+ "default": "+199999999999999"
+ },
+ "phone_verified": {
+ "type": "boolean",
+ "description": "Whether this phone number has been verified (true) or not (false).",
+ "default": false
+ },
+ "user_metadata": {
+ "$ref": "#/components/schemas/UserMetadata"
+ },
+ "app_metadata": {
+ "$ref": "#/components/schemas/AppMetadata"
+ },
+ "given_name": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Given name/first name/forename of this user.",
+ "default": "John",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "family_name": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Family name/last name/surname of this user.",
+ "default": "Doe",
+ "minLength": 1,
+ "maxLength": 150
+ },
+ "name": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Name of this user.",
+ "default": "John Doe",
+ "minLength": 1,
+ "maxLength": 300
+ },
+ "nickname": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "Preferred nickname or alias of this user.",
+ "default": "Johnny",
+ "minLength": 1,
+ "maxLength": 300
+ },
+ "picture": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "URL to picture, photo, or avatar of this user.",
+ "default": "https://secure.gravatar.com/avatar/15626c5e0c749cb912f9d1ad48dba440?s=480&r=pg&d=https%3A%2F%2Fssl.gstatic.com%2Fs2%2Fprofiles%2Fimages%2Fsilhouette80.png",
+ "format": "strict-uri"
+ },
+ "verify_email": {
+ "type": "boolean",
+ "description": "Whether this user will receive a verification email after creation (true) or no email (false). Overrides behavior of `email_verified` parameter.",
+ "default": false
+ },
+ "verify_phone_number": {
+ "type": "boolean",
+ "description": "Whether this user will receive a text after changing the phone number (true) or no text (false). Only valid when changing phone number for SMS connections.",
+ "default": false
+ },
+ "password": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "New password for this user. Only valid for database connections.",
+ "default": "secret",
+ "minLength": 1
+ },
+ "connection": {
+ "type": "string",
+ "description": "Name of the connection to target for this user update.",
+ "default": "Initial-Connection",
+ "minLength": 1
+ },
+ "client_id": {
+ "type": "string",
+ "description": "Auth0 client ID. Only valid when updating email address.",
+ "default": "DaM8bokEXBWrTUFCiJjWn50jei6ardyX",
+ "minLength": 1
+ },
+ "username": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "The user's username. Only valid if the connection requires a username.",
+ "default": "johndoe",
+ "minLength": 1,
+ "maxLength": 128
+ }
+ }
+ },
+ "UpdateUserResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "user_id": {
+ "type": "string",
+ "description": "ID of the user which can be used when interacting with other APIs.",
+ "default": "auth0|507f1f77bcf86cd799439020"
+ },
+ "email": {
+ "type": "string",
+ "description": "Email address of this user.",
+ "default": "john.doe@gmail.com",
+ "format": "email"
+ },
+ "email_verified": {
+ "type": "boolean",
+ "description": "Whether this email address is verified (true) or unverified (false).",
+ "default": false
+ },
+ "username": {
+ "type": "string",
+ "description": "Username of this user.",
+ "default": "johndoe"
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Phone number for this user. Follows the E.164 recommendation.",
+ "default": "+199999999999999"
+ },
+ "phone_verified": {
+ "type": "boolean",
+ "description": "Whether this phone number has been verified (true) or not (false).",
+ "default": false
+ },
+ "created_at": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "updated_at": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "identities": {
+ "type": "array",
+ "description": "Array of user identity objects when accounts are linked.",
+ "items": {
+ "$ref": "#/components/schemas/UserIdentitySchema"
+ }
+ },
+ "app_metadata": {
+ "$ref": "#/components/schemas/UserAppMetadataSchema"
+ },
+ "user_metadata": {
+ "$ref": "#/components/schemas/UserMetadataSchema"
+ },
+ "picture": {
+ "type": "string",
+ "description": "URL to picture, photo, or avatar of this user."
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this user."
+ },
+ "nickname": {
+ "type": "string",
+ "description": "Preferred nickname or alias of this user."
+ },
+ "multifactor": {
+ "type": "array",
+ "description": "List of multi-factor authentication providers with which this user has enrolled.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "last_ip": {
+ "type": "string",
+ "description": "Last IP address from which this user logged in."
+ },
+ "last_login": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "logins_count": {
+ "type": "integer",
+ "description": "Total number of logins this user has performed."
+ },
+ "blocked": {
+ "type": "boolean",
+ "description": "Whether this user was blocked by an administrator (true) or is not (false)."
+ },
+ "given_name": {
+ "type": "string",
+ "description": "Given name/first name/forename of this user."
+ },
+ "family_name": {
+ "type": "string",
+ "description": "Family name/last name/surname of this user."
+ }
+ }
+ },
+ "UpdateVerifiableCredentialTemplateRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "name": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "type": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "dialect": {
+ "type": "string",
+ "maxLength": 255
+ },
+ "presentation": {
+ "$ref": "#/components/schemas/MdlPresentationRequest"
+ },
+ "well_known_trusted_issuers": {
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "version": {
+ "type": "number"
+ }
+ }
+ },
+ "UpdateVerifiableCredentialTemplateResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The id of the template.",
+ "default": "vct_0000000000000001"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of the template."
+ },
+ "type": {
+ "type": "string",
+ "description": "The type of the template.",
+ "default": "mdl"
+ },
+ "dialect": {
+ "type": "string",
+ "description": "The dialect of the template.",
+ "default": "simplified/1.0",
+ "maxLength": 255
+ },
+ "presentation": {
+ "$ref": "#/components/schemas/MdlPresentationRequest"
+ },
+ "custom_certificate_authority": {
+ "type": "string",
+ "description": "The custom certificate authority.",
+ "minLength": 1,
+ "maxLength": 4096
+ },
+ "well_known_trusted_issuers": {
+ "type": "string",
+ "description": "The well-known trusted issuers, comma separated.",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The date and time the template was created.",
+ "default": "2021-01-01T00:00:00Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The date and time the template was created.",
+ "default": "2021-01-01T00:00:00Z",
+ "format": "date-time"
+ }
+ }
+ },
+ "UserAppMetadataSchema": {
+ "type": "object",
+ "description": "User metadata to which this user has read-only access.",
+ "additionalProperties": true,
+ "properties": {}
+ },
+ "UserAuthenticationMethod": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "id",
+ "type",
+ "created_at"
+ ],
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The ID of the authentication method (auto generated)"
+ },
+ "type": {
+ "$ref": "#/components/schemas/AuthenticationMethodTypeEnum"
+ },
+ "confirmed": {
+ "type": "boolean",
+ "description": "The authentication method status"
+ },
+ "name": {
+ "type": "string",
+ "description": "A human-readable label to identify the authentication method",
+ "maxLength": 20
+ },
+ "authentication_methods": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/UserAuthenticationMethodProperties"
+ }
+ },
+ "preferred_authentication_method": {
+ "$ref": "#/components/schemas/PreferredAuthenticationMethodEnum"
+ },
+ "link_id": {
+ "type": "string",
+ "description": "The ID of a linked authentication method. Linked authentication methods will be deleted together."
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Applies to phone authentication methods only. The destination phone number used to send verification codes via text and voice."
+ },
+ "email": {
+ "type": "string",
+ "description": "Applies to email and email-verification authentication methods only. The email address used to send verification messages."
+ },
+ "key_id": {
+ "type": "string",
+ "description": "Applies to webauthn authentication methods only. The ID of the generated credential."
+ },
+ "public_key": {
+ "type": "string",
+ "description": "Applies to webauthn authentication methods only. The public key."
+ },
+ "created_at": {
+ "type": "string",
+ "description": "Authenticator creation date",
+ "format": "date-time"
+ },
+ "enrolled_at": {
+ "type": "string",
+ "description": "Enrollment date",
+ "format": "date-time"
+ },
+ "last_auth_at": {
+ "type": "string",
+ "description": "Last authentication",
+ "format": "date-time"
+ },
+ "credential_device_type": {
+ "type": "string",
+ "description": "Applies to passkeys only. The kind of device the credential is stored on as defined by backup eligibility. \"single_device\" credentials cannot be backed up and synced to another device, \"multi_device\" credentials can be backed up if enabled by the end-user."
+ },
+ "credential_backed_up": {
+ "type": "boolean",
+ "description": "Applies to passkeys only. Whether the credential was backed up."
+ },
+ "identity_user_id": {
+ "type": "string",
+ "description": "Applies to passkeys only. The ID of the user identity linked with the authentication method."
+ },
+ "user_agent": {
+ "type": "string",
+ "description": "Applies to passkeys only. The user-agent of the browser used to create the passkey."
+ }
+ }
+ },
+ "UserAuthenticationMethodProperties": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "type": {
+ "$ref": "#/components/schemas/UserAuthenticationMethodPropertiesEnum"
+ },
+ "id": {
+ "type": "string",
+ "format": "authenticator-id"
+ }
+ }
+ },
+ "UserAuthenticationMethodPropertiesEnum": {
+ "type": "string",
+ "enum": [
+ "totp",
+ "push",
+ "sms",
+ "voice"
+ ]
+ },
+ "UserBlockIdentifier": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "identifier": {
+ "type": "string",
+ "description": "Identifier (should be any of an `email`, `username`, or `phone_number`)",
+ "default": "john.doe@gmail.com"
+ },
+ "ip": {
+ "type": "string",
+ "description": "IP Address",
+ "default": "10.0.0.1"
+ },
+ "connection": {
+ "type": "string",
+ "description": "Connection identifier"
+ }
+ }
+ },
+ "UserDateSchema": {
+ "oneOf": [
+ {
+ "type": "string",
+ "description": "Date and time when this user was created (ISO_8601 format)."
+ },
+ {
+ "type": "object",
+ "description": "Date and time when this user was created (ISO_8601 format).",
+ "additionalProperties": true
+ }
+ ]
+ },
+ "UserEnrollmentAuthMethodEnum": {
+ "type": "string",
+ "description": "Authentication method for this enrollment. Can be `authenticator`, `guardian`, `sms`, `webauthn-roaming`, or `webauthn-platform`.",
+ "enum": [
+ "authenticator",
+ "guardian",
+ "sms",
+ "webauthn-platform",
+ "webauthn-roaming"
+ ]
+ },
+ "UserEnrollmentStatusEnum": {
+ "type": "string",
+ "description": "Status of this enrollment. Can be `pending` or `confirmed`.",
+ "enum": [
+ "pending",
+ "confirmed"
+ ]
+ },
+ "UserGrant": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of the grant."
+ },
+ "clientID": {
+ "type": "string",
+ "description": "ID of the client."
+ },
+ "user_id": {
+ "type": "string",
+ "description": "ID of the user."
+ },
+ "audience": {
+ "type": "string",
+ "description": "Audience of the grant."
+ },
+ "scope": {
+ "type": "array",
+ "description": "Scopes included in this grant.",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ }
+ },
+ "UserIdEnum": {
+ "description": "user_id of the secondary user account being linked.",
+ "oneOf": [
+ {
+ "type": "string",
+ "default": "abc",
+ "minLength": 1
+ },
+ {
+ "type": "integer",
+ "default": 191919191
+ }
+ ]
+ },
+ "UserIdentity": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "provider",
+ "user_id",
+ "connection"
+ ],
+ "properties": {
+ "connection": {
+ "type": "string",
+ "description": "Connection name of this identity.",
+ "default": "twitter"
+ },
+ "user_id": {
+ "$ref": "#/components/schemas/UserIdEnum"
+ },
+ "provider": {
+ "type": "string",
+ "description": "Type of identity provider.",
+ "default": "twitter"
+ },
+ "profileData": {
+ "$ref": "#/components/schemas/UserProfileData"
+ },
+ "isSocial": {
+ "type": "boolean",
+ "description": "Whether the identity provider is a social provider (true) or not (false)."
+ },
+ "access_token": {
+ "type": "string",
+ "description": "IDP access token returned if scope `read:user_idp_tokens` is defined."
+ },
+ "access_token_secret": {
+ "type": "string",
+ "description": "IDP access token secret returned only if `scope read:user_idp_tokens` is defined."
+ },
+ "refresh_token": {
+ "type": "string",
+ "description": "IDP refresh token returned only if scope `read:user_idp_tokens` is defined."
+ }
+ }
+ },
+ "UserIdentityProviderEnum": {
+ "type": "string",
+ "description": "The type of identity provider",
+ "enum": [
+ "ad",
+ "adfs",
+ "amazon",
+ "apple",
+ "dropbox",
+ "bitbucket",
+ "aol",
+ "auth0-oidc",
+ "auth0",
+ "baidu",
+ "bitly",
+ "box",
+ "custom",
+ "daccount",
+ "dwolla",
+ "email",
+ "evernote-sandbox",
+ "evernote",
+ "exact",
+ "facebook",
+ "fitbit",
+ "flickr",
+ "github",
+ "google-apps",
+ "google-oauth2",
+ "instagram",
+ "ip",
+ "line",
+ "linkedin",
+ "miicard",
+ "oauth1",
+ "oauth2",
+ "office365",
+ "oidc",
+ "okta",
+ "paypal",
+ "paypal-sandbox",
+ "pingfederate",
+ "planningcenter",
+ "renren",
+ "salesforce-community",
+ "salesforce-sandbox",
+ "salesforce",
+ "samlp",
+ "sharepoint",
+ "shopify",
+ "shop",
+ "sms",
+ "soundcloud",
+ "thecity-sandbox",
+ "thecity",
+ "thirtysevensignals",
+ "twitter",
+ "untappd",
+ "vkontakte",
+ "waad",
+ "weibo",
+ "windowslive",
+ "wordpress",
+ "yahoo",
+ "yammer",
+ "yandex"
+ ]
+ },
+ "UserIdentitySchema": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "connection": {
+ "type": "string",
+ "description": "Name of the connection containing this identity."
+ },
+ "user_id": {
+ "type": "string",
+ "description": "Unique identifier of the user user for this identity."
+ },
+ "provider": {
+ "$ref": "#/components/schemas/UserIdentityProviderEnum"
+ },
+ "isSocial": {
+ "type": "boolean",
+ "description": "Whether this identity is from a social provider (true) or not (false)."
+ },
+ "access_token": {
+ "type": "string",
+ "description": "IDP access token returned only if scope read:user_idp_tokens is defined."
+ },
+ "access_token_secret": {
+ "type": "string",
+ "description": "IDP access token secret returned only if scope read:user_idp_tokens is defined."
+ },
+ "refresh_token": {
+ "type": "string",
+ "description": "IDP refresh token returned only if scope read:user_idp_tokens is defined."
+ },
+ "profileData": {
+ "$ref": "#/components/schemas/UserProfileData"
+ }
+ }
+ },
+ "UserListLogOffsetPaginatedResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "start": {
+ "type": "number"
+ },
+ "limit": {
+ "type": "number"
+ },
+ "length": {
+ "type": "number"
+ },
+ "total": {
+ "type": "number"
+ },
+ "logs": {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/Log"
+ }
+ }
+ }
+ },
+ "UserListLogResponseContent": {
+ "oneOf": [
+ {
+ "type": "array",
+ "items": {
+ "$ref": "#/components/schemas/Log"
+ }
+ },
+ {
+ "$ref": "#/components/schemas/UserListLogOffsetPaginatedResponseContent"
+ }
+ ]
+ },
+ "UserMetadata": {
+ "type": "object",
+ "description": "Data related to the user that does not affect the application's core functionality.",
+ "additionalProperties": true
+ },
+ "UserMetadataSchema": {
+ "type": "object",
+ "description": "User metadata to which this user has read/write access.",
+ "additionalProperties": true
+ },
+ "UserMultifactorProviderEnum": {
+ "type": "string",
+ "description": "The multi-factor provider. Supported values 'duo' or 'google-authenticator'",
+ "enum": [
+ "duo",
+ "google-authenticator"
+ ]
+ },
+ "UserPermissionSchema": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "sources": {},
+ "resource_server_identifier": {
+ "type": "string",
+ "description": "Resource server (API) identifier that this permission is for."
+ },
+ "permission_name": {
+ "type": "string",
+ "description": "Name of this permission."
+ },
+ "resource_server_name": {
+ "type": "string",
+ "description": "Resource server (API) name this permission is for."
+ },
+ "description": {
+ "type": "string",
+ "description": "Description of this permission."
+ }
+ }
+ },
+ "UserProfileData": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "email": {
+ "type": "string",
+ "description": "Email address of this user."
+ },
+ "email_verified": {
+ "type": "boolean",
+ "description": "Whether this email address is verified (true) or unverified (false)."
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this user."
+ },
+ "username": {
+ "type": "string",
+ "description": "Username of this user.",
+ "default": "johndoe"
+ },
+ "given_name": {
+ "type": "string",
+ "description": "Given name/first name/forename of this user."
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Phone number for this user."
+ },
+ "phone_verified": {
+ "type": "boolean",
+ "description": "Whether this phone number is verified (true) or unverified (false)."
+ },
+ "family_name": {
+ "type": "string",
+ "description": "Family name/last name/surname of this user."
+ }
+ }
+ },
+ "UserResponseSchema": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "user_id": {
+ "type": "string",
+ "description": "ID of the user which can be used when interacting with other APIs.",
+ "default": "auth0|507f1f77bcf86cd799439020"
+ },
+ "email": {
+ "type": "string",
+ "description": "Email address of this user.",
+ "default": "john.doe@gmail.com",
+ "format": "email"
+ },
+ "email_verified": {
+ "type": "boolean",
+ "description": "Whether this email address is verified (true) or unverified (false).",
+ "default": false
+ },
+ "username": {
+ "type": "string",
+ "description": "Username of this user.",
+ "default": "johndoe"
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Phone number for this user. Follows the E.164 recommendation.",
+ "default": "+199999999999999"
+ },
+ "phone_verified": {
+ "type": "boolean",
+ "description": "Whether this phone number has been verified (true) or not (false).",
+ "default": false
+ },
+ "created_at": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "updated_at": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "identities": {
+ "type": "array",
+ "description": "Array of user identity objects when accounts are linked.",
+ "items": {
+ "$ref": "#/components/schemas/UserIdentitySchema"
+ }
+ },
+ "app_metadata": {
+ "$ref": "#/components/schemas/UserAppMetadataSchema"
+ },
+ "user_metadata": {
+ "$ref": "#/components/schemas/UserMetadataSchema"
+ },
+ "picture": {
+ "type": "string",
+ "description": "URL to picture, photo, or avatar of this user."
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of this user."
+ },
+ "nickname": {
+ "type": "string",
+ "description": "Preferred nickname or alias of this user."
+ },
+ "multifactor": {
+ "type": "array",
+ "description": "List of multi-factor authentication providers with which this user has enrolled.",
+ "items": {
+ "type": "string"
+ }
+ },
+ "last_ip": {
+ "type": "string",
+ "description": "Last IP address from which this user logged in."
+ },
+ "last_login": {
+ "$ref": "#/components/schemas/UserDateSchema"
+ },
+ "logins_count": {
+ "type": "integer",
+ "description": "Total number of logins this user has performed."
+ },
+ "blocked": {
+ "type": "boolean",
+ "description": "Whether this user was blocked by an administrator (true) or is not (false)."
+ },
+ "given_name": {
+ "type": "string",
+ "description": "Given name/first name/forename of this user."
+ },
+ "family_name": {
+ "type": "string",
+ "description": "Family name/last name/surname of this user."
+ }
+ }
+ },
+ "UsernameAllowedTypes": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "email": {
+ "type": "boolean"
+ },
+ "phone_number": {
+ "type": "boolean"
+ }
+ }
+ },
+ "UsernameAttribute": {
+ "type": "object",
+ "description": "Configuration for the username attribute for users.",
+ "additionalProperties": false,
+ "properties": {
+ "identifier": {
+ "$ref": "#/components/schemas/ConnectionAttributeIdentifier"
+ },
+ "profile_required": {
+ "type": "boolean",
+ "description": "Determines if property should be required for users"
+ },
+ "signup": {
+ "$ref": "#/components/schemas/SignupSchema"
+ },
+ "validation": {
+ "$ref": "#/components/schemas/UsernameValidation"
+ }
+ }
+ },
+ "UsernameValidation": {
+ "type": "object",
+ "additionalProperties": false,
+ "properties": {
+ "min_length": {
+ "type": "number",
+ "description": "Minimum allowed length"
+ },
+ "max_length": {
+ "type": "number",
+ "description": "Maximum allowed length"
+ },
+ "allowed_types": {
+ "$ref": "#/components/schemas/UsernameAllowedTypes"
+ }
+ }
+ },
+ "UsersEnrollment": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "ID of this enrollment."
+ },
+ "status": {
+ "$ref": "#/components/schemas/UserEnrollmentStatusEnum"
+ },
+ "type": {
+ "type": "string",
+ "description": "Type of enrollment."
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of enrollment (usually phone number).",
+ "maxLength": 20
+ },
+ "identifier": {
+ "type": "string",
+ "description": "Device identifier (usually phone identifier) of this enrollment."
+ },
+ "phone_number": {
+ "type": "string",
+ "description": "Phone number for this enrollment."
+ },
+ "auth_method": {
+ "$ref": "#/components/schemas/UserEnrollmentAuthMethodEnum"
+ },
+ "enrolled_at": {
+ "type": "string",
+ "description": "Start date and time of this enrollment.",
+ "format": "date-time"
+ },
+ "last_auth": {
+ "type": "string",
+ "description": "Last authentication date and time of this enrollment.",
+ "format": "date-time"
+ }
+ }
+ },
+ "VerifiableCredentialTemplateResponse": {
+ "type": "object",
+ "additionalProperties": true,
+ "properties": {
+ "id": {
+ "type": "string",
+ "description": "The id of the template.",
+ "default": "vct_0000000000000001"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of the template."
+ },
+ "type": {
+ "type": "string",
+ "description": "The type of the template.",
+ "default": "mdl"
+ },
+ "dialect": {
+ "type": "string",
+ "description": "The dialect of the template.",
+ "default": "simplified/1.0",
+ "maxLength": 255
+ },
+ "presentation": {
+ "$ref": "#/components/schemas/MdlPresentationRequest"
+ },
+ "custom_certificate_authority": {
+ "type": "string",
+ "description": "The custom certificate authority.",
+ "minLength": 1,
+ "maxLength": 4096
+ },
+ "well_known_trusted_issuers": {
+ "type": "string",
+ "description": "The well-known trusted issuers, comma separated.",
+ "minLength": 1,
+ "maxLength": 255
+ },
+ "created_at": {
+ "type": "string",
+ "description": "The date and time the template was created.",
+ "default": "2021-01-01T00:00:00Z",
+ "format": "date-time"
+ },
+ "updated_at": {
+ "type": "string",
+ "description": "The date and time the template was created.",
+ "default": "2021-01-01T00:00:00Z",
+ "format": "date-time"
+ }
+ }
+ },
+ "VerificationMethodEnum": {
+ "type": "string",
+ "enum": [
+ "link",
+ "otp"
+ ]
+ },
+ "VerifyCustomDomainResponseContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "custom_domain_id",
+ "domain",
+ "primary",
+ "status",
+ "type"
+ ],
+ "properties": {
+ "custom_domain_id": {
+ "type": "string",
+ "description": "ID of the custom domain.",
+ "default": "cd_0000000000000001"
+ },
+ "domain": {
+ "type": "string",
+ "description": "Domain name.",
+ "default": "login.mycompany.com"
+ },
+ "primary": {
+ "type": "boolean",
+ "description": "Whether this is a primary domain (true) or not (false).",
+ "default": false
+ },
+ "type": {
+ "$ref": "#/components/schemas/CustomDomainTypeEnum"
+ },
+ "cname_api_key": {
+ "type": "string",
+ "description": "CNAME API key header.",
+ "default": "d4feca..."
+ },
+ "origin_domain_name": {
+ "type": "string",
+ "description": "Intermediate address.",
+ "default": "mycompany_cd_0000000000000001.edge.tenants.auth0.com"
+ },
+ "verification": {
+ "$ref": "#/components/schemas/DomainVerification"
+ },
+ "custom_client_ip_header": {
+ "type": [
+ "string",
+ "null"
+ ],
+ "description": "The HTTP header to fetch the client's IP address"
+ },
+ "tls_policy": {
+ "type": "string",
+ "description": "The TLS version policy",
+ "default": "recommended"
+ }
+ }
+ },
+ "VerifyEmailTicketRequestContent": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": [
+ "user_id"
+ ],
+ "properties": {
+ "result_url": {
+ "type": "string",
+ "description": "URL the user will be redirected to in the classic Universal Login experience once the ticket is used. Cannot be specified when using client_id or organization_id.",
+ "default": "http://myapp.com/callback",
+ "format": "url"
+ },
+ "user_id": {
+ "type": "string",
+ "description": "user_id of for whom the ticket should be created.",
+ "format": "user-id"
+ },
+ "client_id": {
+ "type": "string",
+ "description": "ID of the client (application). If provided for tenants using the New Universal Login experience, the email template and UI displays application details, and the user is prompted to redirect to the application's default login route after the ticket is used. client_id is required to use the Password Reset Post Challenge trigger.",
+ "default": "DaM8bokEXBWrTUFCiJjWn50jei6ardyX",
+ "format": "client-id"
+ },
+ "organization_id": {
+ "type": "string",
+ "description": "(Optional) Organization ID – the ID of the Organization. If provided, organization parameters will be made available to the email template and organization branding will be applied to the prompt. In addition, the redirect link in the prompt will include organization_id and organization_name query string parameters.",
+ "default": "org_2eondWoxcMIpaLQc",
+ "format": "organization-id"
+ },
+ "ttl_sec": {
+ "type": "integer",
+ "description": "Number of seconds for which the ticket is valid before expiration. If unspecified or set to 0, this value defaults to 432000 seconds (5 days)."
+ },
+ "includeEmailInRedirect": {
+ "type": "boolean",
+ "description": "Whether to include the email address as part of the returnUrl in the reset_email (true), or not (false)."
+ },
+ "identity": {
+ "$ref": "#/components/schemas/Identity"
+ }
+ }
+ },
+ "VerifyEmailTicketResponseContent": {
+ "type": "object",
+ "additionalProperties": true,
+ "required": [
+ "ticket"
+ ],
+ "properties": {
+ "ticket": {
+ "type": "string",
+ "description": "URL representing the ticket.",
+ "default": "https://login.auth0.com/lo/verify_email?client_id=nsaPS2p3cargoFy82WT7betaOPOt3qSh&tenant=mdocs&bewit=bmNlR01CcDNOUE1GeXVzODJXVDdyY1RUT1BPdDNxU2hcMTQzMDY2MjE4MVxuRTcxM0RSeUNlbEpzUUJmaFVaS3A1NEdJbWFzSUZMYzRTdEFtY2NMMXhZPVx7ImVtYWloojoiZGFtaWtww2NoQGhvdG1haWwuY29tIiwidGVuYW50IjoiZHNjaGVua2tjwWFuIiwiY2xpZW50X2lkIjoibmNlR01CcDNOUE1GeXVzODJXVDdyY1RUT1BPiiqxU2giLCJjb25uZWN0aW9uIjoiRGFtaWmsdiwicmVzdWx0VXJsIjoiIn0",
+ "format": "url"
+ }
+ }
+ }
+ },
+ "securitySchemes": {
+ "bearerAuth": {
+ "type": "http",
+ "scheme": "bearer",
+ "bearerFormat": "jwt"
+ },
+ "oAuth2ClientCredentials": {
+ "type": "oauth2",
+ "flows": {
+ "clientCredentials": {
+ "tokenUrl": "https://{tenantDomain}/oauth/token/",
+ "x-form-parameters": {
+ "audience": "https://{tenantDomain}/api/v2/"
+ },
+ "scopes": {
+ "read:actions": "Read Actions",
+ "create:actions": "Create Actions",
+ "delete:actions": "Delete Actions",
+ "update:actions": "Update Actions",
+ "read:anomaly_blocks": "Read Anomaly Blocks",
+ "delete:anomaly_blocks": "Delete Anomaly Blocks",
+ "read:shields": "Read Shields",
+ "create:shields": "Create Shields",
+ "update:shields": "Update Shields",
+ "read:attack_protection": "Read Attack Protection",
+ "update:attack_protection": "Update Attack Protection",
+ "read:branding": "Read Branding",
+ "update:branding": "Update Branding",
+ "read:phone_providers": "Read Phone Providers",
+ "create:phone_providers": "Create Phone Providers",
+ "update:phone_providers": "Update Phone Providers",
+ "delete:phone_providers": "Delete Phone Providers",
+ "read:phone_templates": "Read Phone Templates",
+ "create:phone_templates": "Create Phone Templates",
+ "update:phone_templates": "Update Phone Templates",
+ "delete:phone_templates": "Delete Phone Templates",
+ "delete:branding": "Delete Branding",
+ "read:client_grants": "Read Client Grants",
+ "create:client_grants": "Create Client Grants",
+ "update:client_grants": "Update Client Grants",
+ "delete:client_grants": "Delete Client Grants",
+ "read:organization_client_grants": "Read Organization Client Grants",
+ "read:clients": "Read Clients",
+ "read:client_keys": "Read Client Keys",
+ "read:client_credentials": "Read Client Credentials",
+ "read:client_summary": "Read Client Summary",
+ "create:clients": "Create Clients",
+ "create:client_credentials": "Create Client Credentials",
+ "update:client_credentials": "Update Client Credentials",
+ "delete:client_credentials": "Delete Client Credentials",
+ "update:clients": "Update Clients",
+ "update:client_keys": "Update Client Keys",
+ "delete:clients": "Delete Clients",
+ "read:connections": "Read Connections",
+ "read:connection_profiles": "Read Connection Profiles",
+ "create:connection_profiles": "Create Connection Profiles",
+ "update:connection_profiles": "Update Connection Profiles",
+ "delete:connection_profiles": "Delete Connection Profiles",
+ "create:connections": "Create Connections",
+ "update:connections": "Update Connections",
+ "delete:connections": "Delete Connections",
+ "read:users": "Read Users",
+ "read:connections_keys": "Read Connections Keys",
+ "create:connections_keys": "Create Connections Keys",
+ "update:connections_keys": "Update Connections Keys",
+ "read:scim_config": "Read Scim Config",
+ "create:scim_config": "Create Scim Config",
+ "update:scim_config": "Update Scim Config",
+ "delete:scim_config": "Delete Scim Config",
+ "read:scim_token": "Read Scim Token",
+ "create:scim_token": "Create Scim Token",
+ "delete:scim_token": "Delete Scim Token",
+ "delete:users": "Delete Users",
+ "read:custom_domains": "Read Custom Domains",
+ "create:custom_domains": "Create Custom Domains",
+ "update:custom_domains": "Update Custom Domains",
+ "delete:custom_domains": "Delete Custom Domains",
+ "read:device_credentials": "Read Device Credentials",
+ "create:current_user_device_credentials": "Create Current User Device Credentials",
+ "delete:device_credentials": "Delete Device Credentials",
+ "delete:current_user_device_credentials": "Delete Current User Device Credentials",
+ "update:device_codes": "Update Device Codes",
+ "read:device_codes": "Read Device Codes",
+ "create:test_email_dispatch": "Create Test Email Dispatch",
+ "create:email_templates": "Create Email Templates",
+ "read:email_templates": "Read Email Templates",
+ "update:email_templates": "Update Email Templates",
+ "read:email_provider": "Read Email Provider",
+ "create:email_provider": "Create Email Provider",
+ "update:email_provider": "Update Email Provider",
+ "delete:email_provider": "Delete Email Provider",
+ "read:entitlements": "Read Entitlements",
+ "read:event_streams": "Read Event Streams",
+ "create:event_streams": "Create Event Streams",
+ "update:event_streams": "Update Event Streams",
+ "delete:event_streams": "Delete Event Streams",
+ "read:event_deliveries": "Read Event Deliveries",
+ "update:event_deliveries": "Update Event Deliveries",
+ "read:extensions": "Read Extensions",
+ "read:flows": "Read Flows",
+ "create:flows": "Create Flows",
+ "read:flows_vault_connections": "Read Flows Vault Connections",
+ "create:flows_vault_connections": "Create Flows Vault Connections",
+ "update:flows_vault_connections": "Update Flows Vault Connections",
+ "delete:flows_vault_connections": "Delete Flows Vault Connections",
+ "read:flows_executions": "Read Flows Executions",
+ "delete:flows_executions": "Delete Flows Executions",
+ "update:flows": "Update Flows",
+ "delete:flows": "Delete Flows",
+ "read:forms": "Read Forms",
+ "create:forms": "Create Forms",
+ "update:forms": "Update Forms",
+ "delete:forms": "Delete Forms",
+ "read:grants": "Read Grants",
+ "delete:grants": "Delete Grants",
+ "read:groups": "Read Groups",
+ "create:guardian_enrollment_tickets": "Create Guardian Enrollment Tickets",
+ "read:guardian_enrollments": "Read Guardian Enrollments",
+ "delete:guardian_enrollments": "Delete Guardian Enrollments",
+ "read:guardian_factors": "Read Guardian Factors",
+ "update:guardian_factors": "Update Guardian Factors",
+ "read:mfa_policies": "Read Mfa Policies",
+ "update:mfa_policies": "Update Mfa Policies",
+ "read:hooks": "Read Hooks",
+ "create:hooks": "Create Hooks",
+ "update:hooks": "Update Hooks",
+ "delete:hooks": "Delete Hooks",
+ "read:insights": "Read Insights",
+ "read:stats": "Read Stats",
+ "read:integrations": "Read Integrations",
+ "create:integrations": "Create Integrations",
+ "update:integrations": "Update Integrations",
+ "delete:integrations": "Delete Integrations",
+ "create:users": "Create Users",
+ "update:users": "Update Users",
+ "read:custom_signing_keys": "Read Custom Signing Keys",
+ "create:custom_signing_keys": "Create Custom Signing Keys",
+ "update:custom_signing_keys": "Update Custom Signing Keys",
+ "delete:custom_signing_keys": "Delete Custom Signing Keys",
+ "read:encryption_keys": "Read Encryption Keys",
+ "create:encryption_keys": "Create Encryption Keys",
+ "update:encryption_keys": "Update Encryption Keys",
+ "delete:encryption_keys": "Delete Encryption Keys",
+ "read:signing_keys": "Read Signing Keys",
+ "create:signing_keys": "Create Signing Keys",
+ "update:signing_keys": "Update Signing Keys",
+ "read:log_streams": "Read Log Streams",
+ "create:log_streams": "Create Log Streams",
+ "update:log_streams": "Update Log Streams",
+ "delete:log_streams": "Delete Log Streams",
+ "read:logs": "Read Logs",
+ "read:logs_users": "Read Logs Users",
+ "read:tenant_settings": "Read Tenant Settings",
+ "update:tenant_settings": "Update Tenant Settings",
+ "read:network_acls": "Read Network Acls",
+ "create:network_acls": "Create Network Acls",
+ "update:network_acls": "Update Network Acls",
+ "delete:network_acls": "Delete Network Acls",
+ "read:organizations": "Read Organizations",
+ "read:organizations_summary": "Read Organizations Summary",
+ "create:organizations": "Create Organizations",
+ "create:organization_connections": "Create Organization Connections",
+ "update:organizations": "Update Organizations",
+ "delete:organizations": "Delete Organizations",
+ "create:organization_client_grants": "Create Organization Client Grants",
+ "delete:organization_client_grants": "Delete Organization Client Grants",
+ "read:organization_connections": "Read Organization Connections",
+ "update:organization_connections": "Update Organization Connections",
+ "delete:organization_connections": "Delete Organization Connections",
+ "read:organization_discovery_domains": "Read Organization Discovery Domains",
+ "create:organization_discovery_domains": "Create Organization Discovery Domains",
+ "update:organization_discovery_domains": "Update Organization Discovery Domains",
+ "delete:organization_discovery_domains": "Delete Organization Discovery Domains",
+ "read:organization_invitations": "Read Organization Invitations",
+ "create:organization_invitations": "Create Organization Invitations",
+ "delete:organization_invitations": "Delete Organization Invitations",
+ "read:organization_members": "Read Organization Members",
+ "create:organization_members": "Create Organization Members",
+ "delete:organization_members": "Delete Organization Members",
+ "read:organization_member_roles": "Read Organization Member Roles",
+ "create:organization_member_roles": "Create Organization Member Roles",
+ "delete:organization_member_roles": "Delete Organization Member Roles",
+ "read:prompts": "Read Prompts",
+ "update:prompts": "Update Prompts",
+ "read:resource_servers": "Read Resource Servers",
+ "update:resource_servers": "Update Resource Servers",
+ "read:refresh_tokens": "Read Refresh Tokens",
+ "delete:refresh_tokens": "Delete Refresh Tokens",
+ "create:resource_servers": "Create Resource Servers",
+ "delete:resource_servers": "Delete Resource Servers",
+ "read:roles": "Read Roles",
+ "create:roles": "Create Roles",
+ "update:roles": "Update Roles",
+ "delete:roles": "Delete Roles",
+ "read:role_members": "Read Role Members",
+ "create:role_members": "Create Role Members",
+ "read:rules": "Read Rules",
+ "create:rules": "Create Rules",
+ "update:rules": "Update Rules",
+ "read:rules_configs": "Read Rules Configs",
+ "update:rules_configs": "Update Rules Configs",
+ "delete:rules_configs": "Delete Rules Configs",
+ "delete:rules": "Delete Rules",
+ "read:security_metrics": "Read Security Metrics",
+ "read:self_service_profiles": "Read Self Service Profiles",
+ "create:self_service_profiles": "Create Self Service Profiles",
+ "update:self_service_profiles": "Update Self Service Profiles",
+ "delete:self_service_profiles": "Delete Self Service Profiles",
+ "read:self_service_profile_custom_texts": "Read Self Service Profile Custom Texts",
+ "update:self_service_profile_custom_texts": "Update Self Service Profile Custom Texts",
+ "create:sso_access_tickets": "Create Sso Access Tickets",
+ "delete:sso_access_tickets": "Delete Sso Access Tickets",
+ "read:sessions": "Read Sessions",
+ "delete:sessions": "Delete Sessions",
+ "delete:tenants": "Delete Tenants",
+ "run:checks": "Run Checks",
+ "read:checks": "Read Checks",
+ "read:tenant_feature_flags": "Read Tenant Feature Flags",
+ "read:tenant_invitations": "Read Tenant Invitations",
+ "create:tenant_invitations": "Create Tenant Invitations",
+ "update:tenant_invitations": "Update Tenant Invitations",
+ "delete:tenant_invitations": "Delete Tenant Invitations",
+ "read:tenant_members": "Read Tenant Members",
+ "update:tenant_members": "Update Tenant Members",
+ "delete:tenant_members": "Delete Tenant Members",
+ "read:owners": "Read Owners",
+ "delete:owners": "Delete Owners",
+ "create:user_tickets": "Create User Tickets",
+ "read:token_exchange_profiles": "Read Token Exchange Profiles",
+ "create:token_exchange_profiles": "Create Token Exchange Profiles",
+ "update:token_exchange_profiles": "Update Token Exchange Profiles",
+ "delete:token_exchange_profiles": "Delete Token Exchange Profiles",
+ "read:entity_counts": "Read Entity Counts",
+ "read:user_attribute_profiles": "Read User Attribute Profiles",
+ "create:user_attribute_profiles": "Create User Attribute Profiles",
+ "update:user_attribute_profiles": "Update User Attribute Profiles",
+ "delete:user_attribute_profiles": "Delete User Attribute Profiles",
+ "read:user_idp_tokens": "Read User Idp Tokens",
+ "read:current_user": "Read Current User",
+ "update:users_app_metadata": "Update Users App Metadata",
+ "update:current_user_metadata": "Update Current User Metadata",
+ "delete:current_user": "Delete Current User",
+ "read:user_application_passwords": "Read User Application Passwords",
+ "create:user_application_passwords": "Create User Application Passwords",
+ "delete:user_application_passwords": "Delete User Application Passwords",
+ "read:authentication_methods": "Read Authentication Methods",
+ "update:authentication_methods": "Update Authentication Methods",
+ "create:authentication_methods": "Create Authentication Methods",
+ "delete:authentication_methods": "Delete Authentication Methods",
+ "read:federated_connections_tokens": "Read Federated Connections Tokens",
+ "delete:federated_connections_tokens": "Delete Federated Connections Tokens",
+ "update:current_user_identities": "Update Current User Identities",
+ "delete:role_members": "Delete Role Members",
+ "read:vdcs_templates": "Read Vdcs Templates",
+ "create:vdcs_templates": "Create Vdcs Templates",
+ "update:vdcs_templates": "Update Vdcs Templates",
+ "delete:vdcs_templates": "Delete Vdcs Templates"
+ }
+ }
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/poetry.lock b/poetry.lock
index 381bef4f..839ab932 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 2.1.2 and should not be changed by hand.
+# This file is automatically @generated by Poetry 2.2.0 and should not be changed by hand.
[[package]]
name = "aiohappyeyeballs"
@@ -156,6 +156,19 @@ files = [
[package.dependencies]
frozenlist = ">=1.1.0"
+[[package]]
+name = "annotated-types"
+version = "0.7.0"
+description = "Reusable constraint types to use with typing.Annotated"
+optional = false
+python-versions = ">=3.8"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "annotated_types-0.7.0-py3-none-any.whl", hash = "sha256:1f02e8b43a8fbbc3f3e0d4f0f4bfc8131bcb4eebe8849b8e5c773f3a1c582a53"},
+ {file = "annotated_types-0.7.0.tar.gz", hash = "sha256:aff07c09a53a08bc8cfccb9c85b05f1aa9a2a6f23728d790723543408344ce89"},
+]
+
[[package]]
name = "argcomplete"
version = "3.6.2"
@@ -204,6 +217,55 @@ docs = ["cogapp", "furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphi
tests = ["cloudpickle ; platform_python_implementation == \"CPython\"", "hypothesis", "mypy (>=1.11.1) ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pytest-xdist[psutil]"]
tests-mypy = ["mypy (>=1.11.1) ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pytest-mypy-plugins ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\""]
+[[package]]
+name = "black"
+version = "25.9.0"
+description = "The uncompromising code formatter."
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "black-25.9.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:ce41ed2614b706fd55fd0b4a6909d06b5bab344ffbfadc6ef34ae50adba3d4f7"},
+ {file = "black-25.9.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:2ab0ce111ef026790e9b13bd216fa7bc48edd934ffc4cbf78808b235793cbc92"},
+ {file = "black-25.9.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:f96b6726d690c96c60ba682955199f8c39abc1ae0c3a494a9c62c0184049a713"},
+ {file = "black-25.9.0-cp310-cp310-win_amd64.whl", hash = "sha256:d119957b37cc641596063cd7db2656c5be3752ac17877017b2ffcdb9dfc4d2b1"},
+ {file = "black-25.9.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:456386fe87bad41b806d53c062e2974615825c7a52159cde7ccaeb0695fa28fa"},
+ {file = "black-25.9.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:a16b14a44c1af60a210d8da28e108e13e75a284bf21a9afa6b4571f96ab8bb9d"},
+ {file = "black-25.9.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:aaf319612536d502fdd0e88ce52d8f1352b2c0a955cc2798f79eeca9d3af0608"},
+ {file = "black-25.9.0-cp311-cp311-win_amd64.whl", hash = "sha256:c0372a93e16b3954208417bfe448e09b0de5cc721d521866cd9e0acac3c04a1f"},
+ {file = "black-25.9.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:1b9dc70c21ef8b43248f1d86aedd2aaf75ae110b958a7909ad8463c4aa0880b0"},
+ {file = "black-25.9.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8e46eecf65a095fa62e53245ae2795c90bdecabd53b50c448d0a8bcd0d2e74c4"},
+ {file = "black-25.9.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:9101ee58ddc2442199a25cb648d46ba22cd580b00ca4b44234a324e3ec7a0f7e"},
+ {file = "black-25.9.0-cp312-cp312-win_amd64.whl", hash = "sha256:77e7060a00c5ec4b3367c55f39cf9b06e68965a4f2e61cecacd6d0d9b7ec945a"},
+ {file = "black-25.9.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:0172a012f725b792c358d57fe7b6b6e8e67375dd157f64fa7a3097b3ed3e2175"},
+ {file = "black-25.9.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:3bec74ee60f8dfef564b573a96b8930f7b6a538e846123d5ad77ba14a8d7a64f"},
+ {file = "black-25.9.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:b756fc75871cb1bcac5499552d771822fd9db5a2bb8db2a7247936ca48f39831"},
+ {file = "black-25.9.0-cp313-cp313-win_amd64.whl", hash = "sha256:846d58e3ce7879ec1ffe816bb9df6d006cd9590515ed5d17db14e17666b2b357"},
+ {file = "black-25.9.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:ef69351df3c84485a8beb6f7b8f9721e2009e20ef80a8d619e2d1788b7816d47"},
+ {file = "black-25.9.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:e3c1f4cd5e93842774d9ee4ef6cd8d17790e65f44f7cdbaab5f2cf8ccf22a823"},
+ {file = "black-25.9.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:154b06d618233fe468236ba1f0e40823d4eb08b26f5e9261526fde34916b9140"},
+ {file = "black-25.9.0-cp39-cp39-win_amd64.whl", hash = "sha256:e593466de7b998374ea2585a471ba90553283fb9beefcfa430d84a2651ed5933"},
+ {file = "black-25.9.0-py3-none-any.whl", hash = "sha256:474b34c1342cdc157d307b56c4c65bce916480c4a8f6551fdc6bf9b486a7c4ae"},
+ {file = "black-25.9.0.tar.gz", hash = "sha256:0474bca9a0dd1b51791fcc507a4e02078a1c63f6d4e4ae5544b9848c7adfb619"},
+]
+
+[package.dependencies]
+click = ">=8.0.0"
+mypy-extensions = ">=0.4.3"
+packaging = ">=22.0"
+pathspec = ">=0.9.0"
+platformdirs = ">=2"
+pytokens = ">=0.1.10"
+tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""}
+typing-extensions = {version = ">=4.0.1", markers = "python_version < \"3.11\""}
+
+[package.extras]
+colorama = ["colorama (>=0.4.3)"]
+d = ["aiohttp (>=3.10)"]
+jupyter = ["ipython (>=7.8.0)", "tokenize-rt (>=3.2.0)"]
+uvloop = ["uvloop (>=0.15.2)"]
+
[[package]]
name = "certifi"
version = "2025.8.3"
@@ -552,6 +614,39 @@ ssh = ["bcrypt (>=3.1.5)"]
test = ["certifi", "cryptography-vectors (==43.0.3)", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-xdist"]
test-randomorder = ["pytest-randomly"]
+[[package]]
+name = "datamodel-code-generator"
+version = "0.33.0"
+description = "Datamodel Code Generator"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "datamodel_code_generator-0.33.0-py3-none-any.whl", hash = "sha256:e229264aa612b2d5bb4901bcd6c520a799ae0d5c19262577a0f876eb48afaaa3"},
+ {file = "datamodel_code_generator-0.33.0.tar.gz", hash = "sha256:7635ef788201d69bd3e98ba88ce6afe479400dc2737fe9d5e21f87408f352c08"},
+]
+
+[package.dependencies]
+argcomplete = ">=2.10.1,<4"
+black = ">=19.10b0"
+genson = ">=1.2.1,<2"
+inflect = ">=4.1,<8"
+isort = ">=4.3.21,<7"
+jinja2 = ">=2.10.1,<4"
+packaging = "*"
+pydantic = ">=1.5"
+pyyaml = ">=6.0.1"
+tomli = {version = ">=2.2.1,<3", markers = "python_version <= \"3.11\""}
+
+[package.extras]
+all = ["graphql-core (>=3.2.3)", "httpx (>=0.24.1)", "openapi-spec-validator (>=0.2.8,<0.7)", "prance (>=0.18.2)", "pysnooper (>=0.4.1,<2)", "ruff (>=0.9.10)"]
+debug = ["pysnooper (>=0.4.1,<2)"]
+graphql = ["graphql-core (>=3.2.3)"]
+http = ["httpx (>=0.24.1)"]
+ruff = ["ruff (>=0.9.10)"]
+validation = ["openapi-spec-validator (>=0.2.8,<0.7)", "prance (>=0.18.2)"]
+
[[package]]
name = "exceptiongroup"
version = "1.3.0"
@@ -673,6 +768,19 @@ files = [
{file = "frozenlist-1.5.0.tar.gz", hash = "sha256:81d5af29e61b9c8348e876d442253723928dce6433e0e76cd925cd83f1b4b817"},
]
+[[package]]
+name = "genson"
+version = "1.3.0"
+description = "GenSON is a powerful, user-friendly JSON Schema generator."
+optional = false
+python-versions = "*"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "genson-1.3.0-py3-none-any.whl", hash = "sha256:468feccd00274cc7e4c09e84b08704270ba8d95232aa280f65b986139cec67f7"},
+ {file = "genson-1.3.0.tar.gz", hash = "sha256:e02db9ac2e3fd29e65b5286f7135762e2cd8a986537c075b06fc5f1517308e37"},
+]
+
[[package]]
name = "idna"
version = "3.10"
@@ -688,6 +796,56 @@ files = [
[package.extras]
all = ["flake8 (>=7.1.1)", "mypy (>=1.11.2)", "pytest (>=8.3.2)", "ruff (>=0.6.2)"]
+[[package]]
+name = "importlib-metadata"
+version = "8.7.0"
+description = "Read metadata from Python packages"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version == \"3.9\""
+files = [
+ {file = "importlib_metadata-8.7.0-py3-none-any.whl", hash = "sha256:e5dd1551894c77868a30651cef00984d50e1002d06942a7101d34870c5f02afd"},
+ {file = "importlib_metadata-8.7.0.tar.gz", hash = "sha256:d13b81ad223b890aa16c5471f2ac3056cf76c5f10f82d6f9292f0b415f389000"},
+]
+
+[package.dependencies]
+zipp = ">=3.20"
+
+[package.extras]
+check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1) ; sys_platform != \"cygwin\""]
+cover = ["pytest-cov"]
+doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"]
+enabler = ["pytest-enabler (>=2.2)"]
+perf = ["ipython"]
+test = ["flufl.flake8", "importlib_resources (>=1.3) ; python_version < \"3.9\"", "jaraco.test (>=5.4)", "packaging", "pyfakefs", "pytest (>=6,!=8.1.*)", "pytest-perf (>=0.9.2)"]
+type = ["pytest-mypy"]
+
+[[package]]
+name = "inflect"
+version = "7.5.0"
+description = "Correctly generate plurals, singular nouns, ordinals, indefinite articles"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "inflect-7.5.0-py3-none-any.whl", hash = "sha256:2aea70e5e70c35d8350b8097396ec155ffd68def678c7ff97f51aa69c1d92344"},
+ {file = "inflect-7.5.0.tar.gz", hash = "sha256:faf19801c3742ed5a05a8ce388e0d8fe1a07f8d095c82201eb904f5d27ad571f"},
+]
+
+[package.dependencies]
+more_itertools = ">=8.5.0"
+typeguard = ">=4.0.1"
+
+[package.extras]
+check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1) ; sys_platform != \"cygwin\""]
+cover = ["pytest-cov"]
+doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"]
+enabler = ["pytest-enabler (>=2.2)"]
+test = ["pygments", "pytest (>=6,!=8.1.*)"]
+type = ["pytest-mypy"]
+
[[package]]
name = "iniconfig"
version = "2.1.0"
@@ -700,6 +858,114 @@ files = [
{file = "iniconfig-2.1.0.tar.gz", hash = "sha256:3abbd2e30b36733fee78f9c7f7308f2d0050e88f0087fd25c2645f63c773e1c7"},
]
+[[package]]
+name = "isort"
+version = "6.0.1"
+description = "A Python utility / library to sort Python imports."
+optional = false
+python-versions = ">=3.9.0"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "isort-6.0.1-py3-none-any.whl", hash = "sha256:2dc5d7f65c9678d94c88dfc29161a320eec67328bc97aad576874cb4be1e9615"},
+ {file = "isort-6.0.1.tar.gz", hash = "sha256:1cb5df28dfbc742e490c5e41bad6da41b805b0a8be7bc93cd0fb2a8a890ac450"},
+]
+
+[package.extras]
+colors = ["colorama"]
+plugins = ["setuptools"]
+
+[[package]]
+name = "jinja2"
+version = "3.1.6"
+description = "A very fast and expressive template engine."
+optional = false
+python-versions = ">=3.7"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "jinja2-3.1.6-py3-none-any.whl", hash = "sha256:85ece4451f492d0c13c5dd7c13a64681a86afae63a5f347908daf103ce6d2f67"},
+ {file = "jinja2-3.1.6.tar.gz", hash = "sha256:0137fb05990d35f1275a587e9aee6d56da821fc83491a0fb838183be43f66d6d"},
+]
+
+[package.dependencies]
+MarkupSafe = ">=2.0"
+
+[package.extras]
+i18n = ["Babel (>=2.7)"]
+
+[[package]]
+name = "markupsafe"
+version = "3.0.2"
+description = "Safely add untrusted strings to HTML/XML markup."
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "MarkupSafe-3.0.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:7e94c425039cde14257288fd61dcfb01963e658efbc0ff54f5306b06054700f8"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:9e2d922824181480953426608b81967de705c3cef4d1af983af849d7bd619158"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:38a9ef736c01fccdd6600705b09dc574584b89bea478200c5fbf112a6b0d5579"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bbcb445fa71794da8f178f0f6d66789a28d7319071af7a496d4d507ed566270d"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:57cb5a3cf367aeb1d316576250f65edec5bb3be939e9247ae594b4bcbc317dfb"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:3809ede931876f5b2ec92eef964286840ed3540dadf803dd570c3b7e13141a3b"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:e07c3764494e3776c602c1e78e298937c3315ccc9043ead7e685b7f2b8d47b3c"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:b424c77b206d63d500bcb69fa55ed8d0e6a3774056bdc4839fc9298a7edca171"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-win32.whl", hash = "sha256:fcabf5ff6eea076f859677f5f0b6b5c1a51e70a376b0579e0eadef8db48c6b50"},
+ {file = "MarkupSafe-3.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:6af100e168aa82a50e186c82875a5893c5597a0c1ccdb0d8b40240b1f28b969a"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:9025b4018f3a1314059769c7bf15441064b2207cb3f065e6ea1e7359cb46db9d"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:93335ca3812df2f366e80509ae119189886b0f3c2b81325d39efdb84a1e2ae93"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2cb8438c3cbb25e220c2ab33bb226559e7afb3baec11c4f218ffa7308603c832"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a123e330ef0853c6e822384873bef7507557d8e4a082961e1defa947aa59ba84"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1e084f686b92e5b83186b07e8a17fc09e38fff551f3602b249881fec658d3eca"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:d8213e09c917a951de9d09ecee036d5c7d36cb6cb7dbaece4c71a60d79fb9798"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:5b02fb34468b6aaa40dfc198d813a641e3a63b98c2b05a16b9f80b7ec314185e"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:0bff5e0ae4ef2e1ae4fdf2dfd5b76c75e5c2fa4132d05fc1b0dabcd20c7e28c4"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-win32.whl", hash = "sha256:6c89876f41da747c8d3677a2b540fb32ef5715f97b66eeb0c6b66f5e3ef6f59d"},
+ {file = "MarkupSafe-3.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:70a87b411535ccad5ef2f1df5136506a10775d267e197e4cf531ced10537bd6b"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:9778bd8ab0a994ebf6f84c2b949e65736d5575320a17ae8984a77fab08db94cf"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:846ade7b71e3536c4e56b386c2a47adf5741d2d8b94ec9dc3e92e5e1ee1e2225"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1c99d261bd2d5f6b59325c92c73df481e05e57f19837bdca8413b9eac4bd8028"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e17c96c14e19278594aa4841ec148115f9c7615a47382ecb6b82bd8fea3ab0c8"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:88416bd1e65dcea10bc7569faacb2c20ce071dd1f87539ca2ab364bf6231393c"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:2181e67807fc2fa785d0592dc2d6206c019b9502410671cc905d132a92866557"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:52305740fe773d09cffb16f8ed0427942901f00adedac82ec8b67752f58a1b22"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:ad10d3ded218f1039f11a75f8091880239651b52e9bb592ca27de44eed242a48"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-win32.whl", hash = "sha256:0f4ca02bea9a23221c0182836703cbf8930c5e9454bacce27e767509fa286a30"},
+ {file = "MarkupSafe-3.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:8e06879fc22a25ca47312fbe7c8264eb0b662f6db27cb2d3bbbc74b1df4b9b87"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:ba9527cdd4c926ed0760bc301f6728ef34d841f405abf9d4f959c478421e4efd"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:f8b3d067f2e40fe93e1ccdd6b2e1d16c43140e76f02fb1319a05cf2b79d99430"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:569511d3b58c8791ab4c2e1285575265991e6d8f8700c7be0e88f86cb0672094"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:15ab75ef81add55874e7ab7055e9c397312385bd9ced94920f2802310c930396"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f3818cb119498c0678015754eba762e0d61e5b52d34c8b13d770f0719f7b1d79"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:cdb82a876c47801bb54a690c5ae105a46b392ac6099881cdfb9f6e95e4014c6a"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:cabc348d87e913db6ab4aa100f01b08f481097838bdddf7c7a84b7575b7309ca"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:444dcda765c8a838eaae23112db52f1efaf750daddb2d9ca300bcae1039adc5c"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-win32.whl", hash = "sha256:bcf3e58998965654fdaff38e58584d8937aa3096ab5354d493c77d1fdd66d7a1"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:e6a2a455bd412959b57a172ce6328d2dd1f01cb2135efda2e4576e8a23fa3b0f"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-macosx_10_13_universal2.whl", hash = "sha256:b5a6b3ada725cea8a5e634536b1b01c30bcdcd7f9c6fff4151548d5bf6b3a36c"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:a904af0a6162c73e3edcb969eeeb53a63ceeb5d8cf642fade7d39e7963a22ddb"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4aa4e5faecf353ed117801a068ebab7b7e09ffb6e1d5e412dc852e0da018126c"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c0ef13eaeee5b615fb07c9a7dadb38eac06a0608b41570d8ade51c56539e509d"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d16a81a06776313e817c951135cf7340a3e91e8c1ff2fac444cfd75fffa04afe"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:6381026f158fdb7c72a168278597a5e3a5222e83ea18f543112b2662a9b699c5"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-musllinux_1_2_i686.whl", hash = "sha256:3d79d162e7be8f996986c064d1c7c817f6df3a77fe3d6859f6f9e7be4b8c213a"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:131a3c7689c85f5ad20f9f6fb1b866f402c445b220c19fe4308c0b147ccd2ad9"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-win32.whl", hash = "sha256:ba8062ed2cf21c07a9e295d5b8a2a5ce678b913b45fdf68c32d95d6c1291e0b6"},
+ {file = "MarkupSafe-3.0.2-cp313-cp313t-win_amd64.whl", hash = "sha256:e444a31f8db13eb18ada366ab3cf45fd4b31e4db1236a4448f68778c1d1a5a2f"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:eaa0a10b7f72326f1372a713e73c3f739b524b3af41feb43e4921cb529f5929a"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:48032821bbdf20f5799ff537c7ac3d1fba0ba032cfc06194faffa8cda8b560ff"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1a9d3f5f0901fdec14d8d2f66ef7d035f2157240a433441719ac9a3fba440b13"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:88b49a3b9ff31e19998750c38e030fc7bb937398b1f78cfa599aaef92d693144"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:cfad01eed2c2e0c01fd0ecd2ef42c492f7f93902e39a42fc9ee1692961443a29"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:1225beacc926f536dc82e45f8a4d68502949dc67eea90eab715dea3a21c1b5f0"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:3169b1eefae027567d1ce6ee7cae382c57fe26e82775f460f0b2778beaad66c0"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:eb7972a85c54febfb25b5c4b4f3af4dcc731994c7da0d8a0b4a6eb0640e1d178"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-win32.whl", hash = "sha256:8c4e8c3ce11e1f92f6536ff07154f9d49677ebaaafc32db9db4620bc11ed480f"},
+ {file = "MarkupSafe-3.0.2-cp39-cp39-win_amd64.whl", hash = "sha256:6e296a513ca3d94054c2c881cc913116e90fd030ad1c656b3869762b754f5f8a"},
+ {file = "markupsafe-3.0.2.tar.gz", hash = "sha256:ee55d3edf80167e48ea11a923c7386f4669df67d7994554387f84e7d8b0a2bf0"},
+]
+
[[package]]
name = "mock"
version = "5.2.0"
@@ -717,6 +983,19 @@ build = ["blurb", "twine", "wheel"]
docs = ["sphinx"]
test = ["pytest", "pytest-cov"]
+[[package]]
+name = "more-itertools"
+version = "10.8.0"
+description = "More routines for operating on iterables, beyond itertools"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "more_itertools-10.8.0-py3-none-any.whl", hash = "sha256:52d4362373dcf7c52546bc4af9a86ee7c4579df9a8dc268be0a2f949d376cc9b"},
+ {file = "more_itertools-10.8.0.tar.gz", hash = "sha256:f638ddf8a1a0d134181275fb5d58b086ead7c6a72429ad725c67503f13ba30bd"},
+]
+
[[package]]
name = "multidict"
version = "6.1.0"
@@ -822,6 +1101,19 @@ files = [
[package.dependencies]
typing-extensions = {version = ">=4.1.0", markers = "python_version < \"3.11\""}
+[[package]]
+name = "mypy-extensions"
+version = "1.1.0"
+description = "Type system extensions for programs checked with the mypy type checker."
+optional = false
+python-versions = ">=3.8"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "mypy_extensions-1.1.0-py3-none-any.whl", hash = "sha256:1be4cccdb0f2482337c4743e60421de3a356cd97508abadd57d47403e94f5505"},
+ {file = "mypy_extensions-1.1.0.tar.gz", hash = "sha256:52e68efc3284861e772bbcd66823fde5ae21fd2fdb51c62a211403730b916558"},
+]
+
[[package]]
name = "packaging"
version = "25.0"
@@ -834,6 +1126,19 @@ files = [
{file = "packaging-25.0.tar.gz", hash = "sha256:d443872c98d677bf60f6a1f2f8c1cb748e8fe762d2bf9d3148b5599295b0fc4f"},
]
+[[package]]
+name = "pathspec"
+version = "0.12.1"
+description = "Utility library for gitignore style pattern matching of file paths."
+optional = false
+python-versions = ">=3.8"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08"},
+ {file = "pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712"},
+]
+
[[package]]
name = "pipx"
version = "1.7.1"
@@ -1008,6 +1313,142 @@ files = [
{file = "pycparser-2.23.tar.gz", hash = "sha256:78816d4f24add8f10a06d6f05b4d424ad9e96cfebf68a4ddc99c65c0720d00c2"},
]
+[[package]]
+name = "pydantic"
+version = "2.11.9"
+description = "Data validation using Python type hints"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "pydantic-2.11.9-py3-none-any.whl", hash = "sha256:c42dd626f5cfc1c6950ce6205ea58c93efa406da65f479dcb4029d5934857da2"},
+ {file = "pydantic-2.11.9.tar.gz", hash = "sha256:6b8ffda597a14812a7975c90b82a8a2e777d9257aba3453f973acd3c032a18e2"},
+]
+
+[package.dependencies]
+annotated-types = ">=0.6.0"
+pydantic-core = "2.33.2"
+typing-extensions = ">=4.12.2"
+typing-inspection = ">=0.4.0"
+
+[package.extras]
+email = ["email-validator (>=2.0.0)"]
+timezone = ["tzdata ; python_version >= \"3.9\" and platform_system == \"Windows\""]
+
+[[package]]
+name = "pydantic-core"
+version = "2.33.2"
+description = "Core functionality for Pydantic validation and serialization"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "pydantic_core-2.33.2-cp310-cp310-macosx_10_12_x86_64.whl", hash = "sha256:2b3d326aaef0c0399d9afffeb6367d5e26ddc24d351dbc9c636840ac355dc5d8"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:0e5b2671f05ba48b94cb90ce55d8bdcaaedb8ba00cc5359f6810fc918713983d"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0069c9acc3f3981b9ff4cdfaf088e98d83440a4c7ea1bc07460af3d4dc22e72d"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:d53b22f2032c42eaaf025f7c40c2e3b94568ae077a606f006d206a463bc69572"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:0405262705a123b7ce9f0b92f123334d67b70fd1f20a9372b907ce1080c7ba02"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:4b25d91e288e2c4e0662b8038a28c6a07eaac3e196cfc4ff69de4ea3db992a1b"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6bdfe4b3789761f3bcb4b1ddf33355a71079858958e3a552f16d5af19768fef2"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:efec8db3266b76ef9607c2c4c419bdb06bf335ae433b80816089ea7585816f6a"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:031c57d67ca86902726e0fae2214ce6770bbe2f710dc33063187a68744a5ecac"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-musllinux_1_1_armv7l.whl", hash = "sha256:f8de619080e944347f5f20de29a975c2d815d9ddd8be9b9b7268e2e3ef68605a"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:73662edf539e72a9440129f231ed3757faab89630d291b784ca99237fb94db2b"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-win32.whl", hash = "sha256:0a39979dcbb70998b0e505fb1556a1d550a0781463ce84ebf915ba293ccb7e22"},
+ {file = "pydantic_core-2.33.2-cp310-cp310-win_amd64.whl", hash = "sha256:b0379a2b24882fef529ec3b4987cb5d003b9cda32256024e6fe1586ac45fc640"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-macosx_10_12_x86_64.whl", hash = "sha256:4c5b0a576fb381edd6d27f0a85915c6daf2f8138dc5c267a57c08a62900758c7"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:e799c050df38a639db758c617ec771fd8fb7a5f8eaaa4b27b101f266b216a246"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:dc46a01bf8d62f227d5ecee74178ffc448ff4e5197c756331f71efcc66dc980f"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:a144d4f717285c6d9234a66778059f33a89096dfb9b39117663fd8413d582dcc"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:73cf6373c21bc80b2e0dc88444f41ae60b2f070ed02095754eb5a01df12256de"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:3dc625f4aa79713512d1976fe9f0bc99f706a9dee21dfd1810b4bbbf228d0e8a"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:881b21b5549499972441da4758d662aeea93f1923f953e9cbaff14b8b9565aef"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:bdc25f3681f7b78572699569514036afe3c243bc3059d3942624e936ec93450e"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:fe5b32187cbc0c862ee201ad66c30cf218e5ed468ec8dc1cf49dec66e160cc4d"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-musllinux_1_1_armv7l.whl", hash = "sha256:bc7aee6f634a6f4a95676fcb5d6559a2c2a390330098dba5e5a5f28a2e4ada30"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:235f45e5dbcccf6bd99f9f472858849f73d11120d76ea8707115415f8e5ebebf"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-win32.whl", hash = "sha256:6368900c2d3ef09b69cb0b913f9f8263b03786e5b2a387706c5afb66800efd51"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-win_amd64.whl", hash = "sha256:1e063337ef9e9820c77acc768546325ebe04ee38b08703244c1309cccc4f1bab"},
+ {file = "pydantic_core-2.33.2-cp311-cp311-win_arm64.whl", hash = "sha256:6b99022f1d19bc32a4c2a0d544fc9a76e3be90f0b3f4af413f87d38749300e65"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-macosx_10_12_x86_64.whl", hash = "sha256:a7ec89dc587667f22b6a0b6579c249fca9026ce7c333fc142ba42411fa243cdc"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:3c6db6e52c6d70aa0d00d45cdb9b40f0433b96380071ea80b09277dba021ddf7"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4e61206137cbc65e6d5256e1166f88331d3b6238e082d9f74613b9b765fb9025"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:eb8c529b2819c37140eb51b914153063d27ed88e3bdc31b71198a198e921e011"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c52b02ad8b4e2cf14ca7b3d918f3eb0ee91e63b3167c32591e57c4317e134f8f"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:96081f1605125ba0855dfda83f6f3df5ec90c61195421ba72223de35ccfb2f88"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8f57a69461af2a5fa6e6bbd7a5f60d3b7e6cebb687f55106933188e79ad155c1"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:572c7e6c8bb4774d2ac88929e3d1f12bc45714ae5ee6d9a788a9fb35e60bb04b"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:db4b41f9bd95fbe5acd76d89920336ba96f03e149097365afe1cb092fceb89a1"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-musllinux_1_1_armv7l.whl", hash = "sha256:fa854f5cf7e33842a892e5c73f45327760bc7bc516339fda888c75ae60edaeb6"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:5f483cfb75ff703095c59e365360cb73e00185e01aaea067cd19acffd2ab20ea"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-win32.whl", hash = "sha256:9cb1da0f5a471435a7bc7e439b8a728e8b61e59784b2af70d7c169f8dd8ae290"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-win_amd64.whl", hash = "sha256:f941635f2a3d96b2973e867144fde513665c87f13fe0e193c158ac51bfaaa7b2"},
+ {file = "pydantic_core-2.33.2-cp312-cp312-win_arm64.whl", hash = "sha256:cca3868ddfaccfbc4bfb1d608e2ccaaebe0ae628e1416aeb9c4d88c001bb45ab"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-macosx_10_12_x86_64.whl", hash = "sha256:1082dd3e2d7109ad8b7da48e1d4710c8d06c253cbc4a27c1cff4fbcaa97a9e3f"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:f517ca031dfc037a9c07e748cefd8d96235088b83b4f4ba8939105d20fa1dcd6"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0a9f2c9dd19656823cb8250b0724ee9c60a82f3cdf68a080979d13092a3b0fef"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:2b0a451c263b01acebe51895bfb0e1cc842a5c666efe06cdf13846c7418caa9a"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1ea40a64d23faa25e62a70ad163571c0b342b8bf66d5fa612ac0dec4f069d916"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:0fb2d542b4d66f9470e8065c5469ec676978d625a8b7a363f07d9a501a9cb36a"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9fdac5d6ffa1b5a83bca06ffe7583f5576555e6c8b3a91fbd25ea7780f825f7d"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:04a1a413977ab517154eebb2d326da71638271477d6ad87a769102f7c2488c56"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:c8e7af2f4e0194c22b5b37205bfb293d166a7344a5b0d0eaccebc376546d77d5"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-musllinux_1_1_armv7l.whl", hash = "sha256:5c92edd15cd58b3c2d34873597a1e20f13094f59cf88068adb18947df5455b4e"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:65132b7b4a1c0beded5e057324b7e16e10910c106d43675d9bd87d4f38dde162"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-win32.whl", hash = "sha256:52fb90784e0a242bb96ec53f42196a17278855b0f31ac7c3cc6f5c1ec4811849"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-win_amd64.whl", hash = "sha256:c083a3bdd5a93dfe480f1125926afcdbf2917ae714bdb80b36d34318b2bec5d9"},
+ {file = "pydantic_core-2.33.2-cp313-cp313-win_arm64.whl", hash = "sha256:e80b087132752f6b3d714f041ccf74403799d3b23a72722ea2e6ba2e892555b9"},
+ {file = "pydantic_core-2.33.2-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:61c18fba8e5e9db3ab908620af374db0ac1baa69f0f32df4f61ae23f15e586ac"},
+ {file = "pydantic_core-2.33.2-cp313-cp313t-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:95237e53bb015f67b63c91af7518a62a8660376a6a0db19b89acc77a4d6199f5"},
+ {file = "pydantic_core-2.33.2-cp313-cp313t-win_amd64.whl", hash = "sha256:c2fc0a768ef76c15ab9238afa6da7f69895bb5d1ee83aeea2e3509af4472d0b9"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-macosx_10_12_x86_64.whl", hash = "sha256:a2b911a5b90e0374d03813674bf0a5fbbb7741570dcd4b4e85a2e48d17def29d"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:6fa6dfc3e4d1f734a34710f391ae822e0a8eb8559a85c6979e14e65ee6ba2954"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c54c939ee22dc8e2d545da79fc5381f1c020d6d3141d3bd747eab59164dc89fb"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:53a57d2ed685940a504248187d5685e49eb5eef0f696853647bf37c418c538f7"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:09fb9dd6571aacd023fe6aaca316bd01cf60ab27240d7eb39ebd66a3a15293b4"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:0e6116757f7959a712db11f3e9c0a99ade00a5bbedae83cb801985aa154f071b"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8d55ab81c57b8ff8548c3e4947f119551253f4e3787a7bbc0b6b3ca47498a9d3"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:c20c462aa4434b33a2661701b861604913f912254e441ab8d78d30485736115a"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:44857c3227d3fb5e753d5fe4a3420d6376fa594b07b621e220cd93703fe21782"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-musllinux_1_1_armv7l.whl", hash = "sha256:eb9b459ca4df0e5c87deb59d37377461a538852765293f9e6ee834f0435a93b9"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:9fcd347d2cc5c23b06de6d3b7b8275be558a0c90549495c699e379a80bf8379e"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-win32.whl", hash = "sha256:83aa99b1285bc8f038941ddf598501a86f1536789740991d7d8756e34f1e74d9"},
+ {file = "pydantic_core-2.33.2-cp39-cp39-win_amd64.whl", hash = "sha256:f481959862f57f29601ccced557cc2e817bce7533ab8e01a797a48b49c9692b3"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:5c4aa4e82353f65e548c476b37e64189783aa5384903bfea4f41580f255fddfa"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:d946c8bf0d5c24bf4fe333af284c59a19358aa3ec18cb3dc4370080da1e8ad29"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:87b31b6846e361ef83fedb187bb5b4372d0da3f7e28d85415efa92d6125d6e6d"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:aa9d91b338f2df0508606f7009fde642391425189bba6d8c653afd80fd6bb64e"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:2058a32994f1fde4ca0480ab9d1e75a0e8c87c22b53a3ae66554f9af78f2fe8c"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:0e03262ab796d986f978f79c943fc5f620381be7287148b8010b4097f79a39ec"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-musllinux_1_1_armv7l.whl", hash = "sha256:1a8695a8d00c73e50bff9dfda4d540b7dee29ff9b8053e38380426a85ef10052"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:fa754d1850735a0b0e03bcffd9d4b4343eb417e47196e4485d9cca326073a42c"},
+ {file = "pydantic_core-2.33.2-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:a11c8d26a50bfab49002947d3d237abe4d9e4b5bdc8846a63537b6488e197808"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-macosx_10_12_x86_64.whl", hash = "sha256:dd14041875d09cc0f9308e37a6f8b65f5585cf2598a53aa0123df8b129d481f8"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-macosx_11_0_arm64.whl", hash = "sha256:d87c561733f66531dced0da6e864f44ebf89a8fba55f31407b00c2f7f9449593"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2f82865531efd18d6e07a04a17331af02cb7a651583c418df8266f17a63c6612"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2bfb5112df54209d820d7bf9317c7a6c9025ea52e49f46b6a2060104bba37de7"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:64632ff9d614e5eecfb495796ad51b0ed98c453e447a76bcbeeb69615079fc7e"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:f889f7a40498cc077332c7ab6b4608d296d852182211787d4f3ee377aaae66e8"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-musllinux_1_1_armv7l.whl", hash = "sha256:de4b83bb311557e439b9e186f733f6c645b9417c84e2eb8203f3f820a4b988bf"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:82f68293f055f51b51ea42fafc74b6aad03e70e191799430b90c13d643059ebb"},
+ {file = "pydantic_core-2.33.2-pp311-pypy311_pp73-win_amd64.whl", hash = "sha256:329467cecfb529c925cf2bbd4d60d2c509bc2fb52a20c1045bf09bb70971a9c1"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:87acbfcf8e90ca885206e98359d7dca4bcbb35abdc0ff66672a293e1d7a19101"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:7f92c15cd1e97d4b12acd1cc9004fa092578acfa57b67ad5e43a197175d01a64"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d3f26877a748dc4251cfcfda9dfb5f13fcb034f5308388066bcfe9031b63ae7d"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:dac89aea9af8cd672fa7b510e7b8c33b0bba9a43186680550ccf23020f32d535"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:970919794d126ba8645f3837ab6046fb4e72bbc057b3709144066204c19a455d"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-musllinux_1_1_aarch64.whl", hash = "sha256:3eb3fe62804e8f859c49ed20a8451342de53ed764150cb14ca71357c765dc2a6"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-musllinux_1_1_armv7l.whl", hash = "sha256:3abcd9392a36025e3bd55f9bd38d908bd17962cc49bc6da8e7e96285336e2bca"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-musllinux_1_1_x86_64.whl", hash = "sha256:3a1c81334778f9e3af2f8aeb7a960736e5cab1dfebfb26aabca09afd2906c039"},
+ {file = "pydantic_core-2.33.2-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:2807668ba86cb38c6817ad9bc66215ab8584d1d304030ce4f0887336f28a5e27"},
+ {file = "pydantic_core-2.33.2.tar.gz", hash = "sha256:7cb8bc3605c29176e1b105350d2e6474142d7c1bd1d9327c4a9bdb46bf827acc"},
+]
+
+[package.dependencies]
+typing-extensions = ">=4.6.0,<4.7.0 || >4.7.0"
+
[[package]]
name = "pyjwt"
version = "2.9.0"
@@ -1107,6 +1548,22 @@ pytest = ">=4.6"
[package.extras]
testing = ["fields", "hunter", "process-tests", "pytest-xdist", "six", "virtualenv"]
+[[package]]
+name = "pytokens"
+version = "0.1.10"
+description = "A Fast, spec compliant Python 3.12+ tokenizer that runs on older Pythons."
+optional = false
+python-versions = ">=3.8"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "pytokens-0.1.10-py3-none-any.whl", hash = "sha256:db7b72284e480e69fb085d9f251f66b3d2df8b7166059261258ff35f50fb711b"},
+ {file = "pytokens-0.1.10.tar.gz", hash = "sha256:c9a4bfa0be1d26aebce03e6884ba454e842f186a59ea43a6d3b25af58223c044"},
+]
+
+[package.extras]
+dev = ["black", "build", "mypy", "pytest", "pytest-cov", "setuptools", "tox", "twine", "wheel"]
+
[[package]]
name = "pyyaml"
version = "6.0.2"
@@ -1219,7 +1676,7 @@ description = "A lil' TOML parser"
optional = false
python-versions = ">=3.8"
groups = ["dev"]
-markers = "python_full_version <= \"3.11.0a6\""
+markers = "python_version <= \"3.11\""
files = [
{file = "tomli-2.2.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:678e4fa69e4575eb77d103de3df8a895e1591b48e740211bd1067378c69e8249"},
{file = "tomli-2.2.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:023aa114dd824ade0100497eb2318602af309e5a55595f76b626d6d9f3b7b0a6"},
@@ -1255,19 +1712,51 @@ files = [
{file = "tomli-2.2.1.tar.gz", hash = "sha256:cd45e1dc79c835ce60f7404ec8119f2eb06d38b1deba146f07ced3bbc44505ff"},
]
+[[package]]
+name = "typeguard"
+version = "4.4.4"
+description = "Run-time type checker for Python"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "typeguard-4.4.4-py3-none-any.whl", hash = "sha256:b5f562281b6bfa1f5492470464730ef001646128b180769880468bd84b68b09e"},
+ {file = "typeguard-4.4.4.tar.gz", hash = "sha256:3a7fd2dffb705d4d0efaed4306a704c89b9dee850b688f060a8b1615a79e5f74"},
+]
+
+[package.dependencies]
+importlib_metadata = {version = ">=3.6", markers = "python_version < \"3.10\""}
+typing_extensions = ">=4.14.0"
+
[[package]]
name = "typing-extensions"
-version = "4.13.2"
-description = "Backported and Experimental Type Hints for Python 3.8+"
+version = "4.15.0"
+description = "Backported and Experimental Type Hints for Python 3.9+"
optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.9"
groups = ["main", "dev"]
-markers = "python_version < \"3.11\""
files = [
- {file = "typing_extensions-4.13.2-py3-none-any.whl", hash = "sha256:a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c"},
- {file = "typing_extensions-4.13.2.tar.gz", hash = "sha256:e6c81219bd689f51865d9e372991c540bda33a0379d5573cddb9a3a23f7caaef"},
+ {file = "typing_extensions-4.15.0-py3-none-any.whl", hash = "sha256:f0fa19c6845758ab08074a0cfa8b7aecb71c999ca73d62883bc25cc018c4e548"},
+ {file = "typing_extensions-4.15.0.tar.gz", hash = "sha256:0cea48d173cc12fa28ecabc3b837ea3cf6f38c6d1136f85cbaaf598984861466"},
]
+[[package]]
+name = "typing-inspection"
+version = "0.4.1"
+description = "Runtime typing introspection tools"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version >= \"3.9\""
+files = [
+ {file = "typing_inspection-0.4.1-py3-none-any.whl", hash = "sha256:389055682238f53b04f7badcb49b989835495a96700ced5dab2d8feae4b26f51"},
+ {file = "typing_inspection-0.4.1.tar.gz", hash = "sha256:6ae134cc0203c33377d43188d4064e9b357dba58cff3185f22924610e70a9d28"},
+]
+
+[package.dependencies]
+typing-extensions = ">=4.12.0"
+
[[package]]
name = "urllib3"
version = "2.2.3"
@@ -1414,7 +1903,28 @@ idna = ">=2.0"
multidict = ">=4.0"
propcache = ">=0.2.0"
+[[package]]
+name = "zipp"
+version = "3.23.0"
+description = "Backport of pathlib-compatible object wrapper for zip files"
+optional = false
+python-versions = ">=3.9"
+groups = ["dev"]
+markers = "python_version == \"3.9\""
+files = [
+ {file = "zipp-3.23.0-py3-none-any.whl", hash = "sha256:071652d6115ed432f5ce1d34c336c0adfd6a884660d1e9712a256d3d3bd4b14e"},
+ {file = "zipp-3.23.0.tar.gz", hash = "sha256:a07157588a12518c9d4034df3fbbee09c814741a33ff63c05fa29d26a2404166"},
+]
+
+[package.extras]
+check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1) ; sys_platform != \"cygwin\""]
+cover = ["pytest-cov"]
+doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"]
+enabler = ["pytest-enabler (>=2.2)"]
+test = ["big-O", "jaraco.functools", "jaraco.itertools", "jaraco.test", "more_itertools", "pytest (>=6,!=8.1.*)", "pytest-ignore-flaky"]
+type = ["pytest-mypy"]
+
[metadata]
lock-version = "2.1"
python-versions = ">=3.8"
-content-hash = "f2b4849cb247bdefbbc9b155d28c5e1bcf9b4ca3c2c92defd30b21206018fa3f"
+content-hash = "eaf7a67cec29e60ff5953ea2f04694e934f659cf00eeb9df9fe3faabe85a8a11"
diff --git a/pyproject.toml b/pyproject.toml
index 83c499fa..778087a5 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -32,6 +32,7 @@ cryptography = ">=43.0.1" # pyjwt has a weak dependency on cryptography
pyjwt = ">=2.8.0"
requests = ">=2.32.3"
urllib3 = ">=2.2.3" # requests has a weak dependency on urllib3
+typing-extensions = { version = ">=4.15.0", python = ">=3.9" }
[tool.poetry.group.dev.dependencies]
aioresponses = "^0.7.8"
@@ -42,3 +43,18 @@ pytest-aiohttp = "^1.0.4"
pytest-asyncio = ">=0.21.1,<0.24.0"
pytest-cov = "^4.1.0"
responses = ">=0.23.3,<0.26.0"
+datamodel-code-generator = { version = ">=0.33.0", python = ">=3.9" }
+
+[tool.poetry.scripts]
+# download the latest OpenAPI spec from Auth0 and save it as openapi.management.json
+download-openapi = "scripts.download_openapi:main"
+# generate models using the configuration below
+datamodel-codegen = "datamodel_code_generator.__main__:main"
+
+# https://koxudaxi.github.io/datamodel-code-generator/#all-command-options
+# https://koxudaxi.github.io/datamodel-code-generator/pyproject_toml/
+[tool.datamodel-codegen]
+input = "openapi.management.json"
+input-file-type = "openapi"
+output = "auth0/management/models.py"
+output-model-type = "typing.TypedDict"
diff --git a/scripts/download_openapi.py b/scripts/download_openapi.py
new file mode 100644
index 00000000..f8b0ecf3
--- /dev/null
+++ b/scripts/download_openapi.py
@@ -0,0 +1,38 @@
+import json
+import requests
+
+from pathlib import Path
+
+openapi_management_url = 'https://auth0.com/docs/api/management/openapi.json'
+openapi_management_path = Path.cwd() / 'openapi.management.json'
+
+def read_json_file(path: Path) -> dict:
+ with path.open('r', encoding='utf-8') as f:
+ return json.load(f)
+
+def download_file(url: str, path: Path, timeout=10) -> None:
+ with requests.get(url, stream=True, timeout=timeout) as response:
+ response.raise_for_status()
+ with path.open('wb') as out_file:
+ for chunk in response.iter_content(chunk_size=None):
+ out_file.write(chunk)
+
+def main():
+ if openapi_management_path.exists():
+ print(f'Reading current file {openapi_management_path.name}')
+ current_openapi_management = read_json_file(openapi_management_path)
+ current_title = current_openapi_management['info']['title']
+ current_version = current_openapi_management['info']['version']
+ print(f'Current title: {current_title}, version: {current_version}')
+
+ print(f'Downloading {openapi_management_url} to {openapi_management_path.name}')
+ download_file(openapi_management_url, openapi_management_path)
+
+ print(f'Reading new file {openapi_management_path.name}')
+ new_openapi_management = read_json_file(openapi_management_path)
+ new_title = new_openapi_management['info']['title']
+ new_version = new_openapi_management['info']['version']
+ print(f'New title: {new_title}, version: {new_version}')
+
+if __name__ == "__main__":
+ main()