From 798a0acf9c40c845e5c7bbee81135789c6301efb Mon Sep 17 00:00:00 2001 From: pfvatterott Date: Fri, 12 Dec 2025 08:51:26 -0700 Subject: [PATCH 1/3] Isolated org apis --- propelauth_fastapi/__init__.py | 37 +++++++++++++++++++++------------- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/propelauth_fastapi/__init__.py b/propelauth_fastapi/__init__.py index 3af3303..b608a61 100644 --- a/propelauth_fastapi/__init__.py +++ b/propelauth_fastapi/__init__.py @@ -17,6 +17,7 @@ from propelauth_py.api import ( OrgQueryOrderBy, UserQueryOrderBy, + SsoTrustLevel, ) _security = HTTPBearer(auto_error=False) @@ -169,11 +170,11 @@ def validate_access_token_and_get_user(self, authorization_header: str) -> User: def fetch_user_metadata_by_user_id(self, user_id: str, include_orgs: bool = False): return self.auth.fetch_user_metadata_by_user_id(user_id, include_orgs) - def fetch_user_metadata_by_email(self, email: str, include_orgs: bool = False): - return self.auth.fetch_user_metadata_by_email(email, include_orgs) + def fetch_user_metadata_by_email(self, email: str, include_orgs: bool = False, isolated_org_id: Optional[str] = None): + return self.auth.fetch_user_metadata_by_email(email, include_orgs, isolated_org_id) - def fetch_user_metadata_by_username(self, username: str, include_orgs: bool = False): - return self.auth.fetch_user_metadata_by_username(username, include_orgs) + def fetch_user_metadata_by_username(self, username: str, include_orgs: bool = False, isolated_org_id: Optional[str] = None): + return self.auth.fetch_user_metadata_by_username(username, include_orgs, isolated_org_id) def fetch_user_signup_query_params_by_user_id(self, user_id: str): return self.auth.fetch_user_signup_query_params_by_user_id(user_id) @@ -204,9 +205,9 @@ def fetch_pending_invites(self, page_number: int = 0, page_size: int = 10, org_i def fetch_users_by_query( self, page_size: int = 10, page_number: int = 0, order_by: UserQueryOrderBy = UserQueryOrderBy.CREATED_AT_ASC, - email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None + email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None, isolated_org_id: Optional[str] = None ): - return self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id) + return self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id, isolated_org_id) def fetch_users_in_org( self, org_id: str, page_size: int = 10, page_number: int = 0, include_orgs: bool = False, role: Optional[str] = None @@ -328,10 +329,11 @@ def update_org_metadata( domain: Optional[str] = None, require_2fa_by: Optional[str] = None, extra_domains: Optional[List[str]] = None, + sso_trust_level: Optional[SsoTrustLevel] = None ): return self.auth.update_org_metadata( org_id, name, can_setup_saml, metadata, max_users, - can_join_on_email_domain_match, members_must_have_email_domain_match, domain, require_2fa_by, extra_domains + can_join_on_email_domain_match, members_must_have_email_domain_match, domain, require_2fa_by, extra_domains, sso_trust_level ) def subscribe_org_to_role_mapping(self, org_id: str, custom_role_mapping_name: str): @@ -530,6 +532,9 @@ def verify_sms_challenge( def fetch_employee_by_id(self, employee_id: str): return self.auth.fetch_employee_by_id(employee_id) + def migrate_org_to_isolated(self, org_id: str): + return self.auth.migrate_org_to_isolated(org_id) + class FastAPIAuthAsync(): def __init__( self, @@ -619,11 +624,11 @@ def validate_access_token_and_get_user(self, authorization_header: str) -> User: async def fetch_user_metadata_by_user_id(self, user_id: str, include_orgs: bool = False): return await self.auth.fetch_user_metadata_by_user_id(user_id, include_orgs) - async def fetch_user_metadata_by_email(self, email: str, include_orgs: bool = False): - return await self.auth.fetch_user_metadata_by_email(email, include_orgs) + async def fetch_user_metadata_by_email(self, email: str, include_orgs: bool = False, isolated_org_id: Optional[str] = None): + return await self.auth.fetch_user_metadata_by_email(email, include_orgs, isolated_org_id) - async def fetch_user_metadata_by_username(self, username: str, include_orgs: bool = False): - return await self.auth.fetch_user_metadata_by_username(username, include_orgs) + async def fetch_user_metadata_by_username(self, username: str, include_orgs: bool = False, isolated_org_id: Optional[str] = None): + return await self.auth.fetch_user_metadata_by_username(username, include_orgs, isolated_org_id) async def fetch_user_signup_query_params_by_user_id(self, user_id: str): return await self.auth.fetch_user_signup_query_params_by_user_id(user_id) @@ -654,9 +659,9 @@ async def fetch_pending_invites(self, page_number: int = 0, page_size: int = 10, async def fetch_users_by_query( self, page_size: int = 10, page_number: int = 0, order_by: UserQueryOrderBy = UserQueryOrderBy.CREATED_AT_ASC, - email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None + email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None, isolated_org_id: Optional[str] = None ): - return await self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id) + return await self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id, isolated_org_id) async def fetch_users_in_org( self, org_id: str, page_size: int = 10, page_number: int = 0, include_orgs: bool = False, role: Optional[str] = None @@ -778,10 +783,11 @@ async def update_org_metadata( domain: Optional[str] = None, require_2fa_by: Optional[str] = None, extra_domains: Optional[List[str]] = None, + sso_trust_level: Optional[SsoTrustLevel] = None ): return await self.auth.update_org_metadata( org_id, name, can_setup_saml, metadata, max_users, - can_join_on_email_domain_match, members_must_have_email_domain_match, domain, require_2fa_by, extra_domains + can_join_on_email_domain_match, members_must_have_email_domain_match, domain, require_2fa_by, extra_domains, sso_trust_level ) async def subscribe_org_to_role_mapping(self, org_id: str, custom_role_mapping_name: str): @@ -992,6 +998,9 @@ async def fetch_employee_by_id(self, employee_id: str): return await self.auth.fetch_employee_by_id( employee_id ) + + async def migrate_org_to_isolated(self, org_id: str): + return await self.auth.migrate_org_to_isolated(org_id) def init_auth( From 1f61e36337abae133da810d9192183c3e22b3142 Mon Sep 17 00:00:00 2001 From: pfvatterott Date: Mon, 5 Jan 2026 12:37:05 -0700 Subject: [PATCH 2/3] remove isolated_org_id from fetch_users_by_query --- propelauth_fastapi/__init__.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/propelauth_fastapi/__init__.py b/propelauth_fastapi/__init__.py index b608a61..34d978a 100644 --- a/propelauth_fastapi/__init__.py +++ b/propelauth_fastapi/__init__.py @@ -205,9 +205,9 @@ def fetch_pending_invites(self, page_number: int = 0, page_size: int = 10, org_i def fetch_users_by_query( self, page_size: int = 10, page_number: int = 0, order_by: UserQueryOrderBy = UserQueryOrderBy.CREATED_AT_ASC, - email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None, isolated_org_id: Optional[str] = None + email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None ): - return self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id, isolated_org_id) + return self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id) def fetch_users_in_org( self, org_id: str, page_size: int = 10, page_number: int = 0, include_orgs: bool = False, role: Optional[str] = None @@ -659,9 +659,9 @@ async def fetch_pending_invites(self, page_number: int = 0, page_size: int = 10, async def fetch_users_by_query( self, page_size: int = 10, page_number: int = 0, order_by: UserQueryOrderBy = UserQueryOrderBy.CREATED_AT_ASC, - email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None, isolated_org_id: Optional[str] = None + email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None ): - return await self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id, isolated_org_id) + return await self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id) async def fetch_users_in_org( self, org_id: str, page_size: int = 10, page_number: int = 0, include_orgs: bool = False, role: Optional[str] = None @@ -1027,4 +1027,3 @@ def init_auth_async( """Fetches metadata required to validate access tokens and returns auth decorators and utilities""" return FastAPIAuthAsync(auth_url=auth_url, integration_api_key=api_key, token_verification_metadata=token_verification_metadata, debug_mode=debug_mode, httpx_client=httpx_client) - From f6b6436adebb32fdbccdd5f25015fa0ff4b5eedf Mon Sep 17 00:00:00 2001 From: pfvatterott Date: Mon, 5 Jan 2026 13:30:37 -0700 Subject: [PATCH 3/3] Revert "remove isolated_org_id from fetch_users_by_query" This reverts commit 1f61e36337abae133da810d9192183c3e22b3142. --- propelauth_fastapi/__init__.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/propelauth_fastapi/__init__.py b/propelauth_fastapi/__init__.py index 34d978a..b608a61 100644 --- a/propelauth_fastapi/__init__.py +++ b/propelauth_fastapi/__init__.py @@ -205,9 +205,9 @@ def fetch_pending_invites(self, page_number: int = 0, page_size: int = 10, org_i def fetch_users_by_query( self, page_size: int = 10, page_number: int = 0, order_by: UserQueryOrderBy = UserQueryOrderBy.CREATED_AT_ASC, - email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None + email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None, isolated_org_id: Optional[str] = None ): - return self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id) + return self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id, isolated_org_id) def fetch_users_in_org( self, org_id: str, page_size: int = 10, page_number: int = 0, include_orgs: bool = False, role: Optional[str] = None @@ -659,9 +659,9 @@ async def fetch_pending_invites(self, page_number: int = 0, page_size: int = 10, async def fetch_users_by_query( self, page_size: int = 10, page_number: int = 0, order_by: UserQueryOrderBy = UserQueryOrderBy.CREATED_AT_ASC, - email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None + email_or_username: Optional[str] = None, include_orgs: bool = False, legacy_user_id: Optional[str] = None, isolated_org_id: Optional[str] = None ): - return await self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id) + return await self.auth.fetch_users_by_query(page_size, page_number, order_by, email_or_username, include_orgs, legacy_user_id, isolated_org_id) async def fetch_users_in_org( self, org_id: str, page_size: int = 10, page_number: int = 0, include_orgs: bool = False, role: Optional[str] = None @@ -1027,3 +1027,4 @@ def init_auth_async( """Fetches metadata required to validate access tokens and returns auth decorators and utilities""" return FastAPIAuthAsync(auth_url=auth_url, integration_api_key=api_key, token_verification_metadata=token_verification_metadata, debug_mode=debug_mode, httpx_client=httpx_client) +