diff --git a/.fern/metadata.json b/.fern/metadata.json
index f1401254..3753a0a5 100644
--- a/.fern/metadata.json
+++ b/.fern/metadata.json
@@ -1,5 +1,5 @@
{
- "cliVersion": "5.32.1",
+ "cliVersion": "5.37.10",
"generatorName": "fernapi/fern-ruby-sdk",
"generatorVersion": "1.12.11",
"generatorConfig": {
@@ -10,9 +10,8 @@
"offsetSemantics": "page-index",
"useDefaultRequestParameterValues": true
},
- "originGitCommit": "219914accde9916f411f553a3e3eb35a8478eaaf",
+ "originGitCommit": "2dea4e576b178b1445800474192bb8d8d60baaf3",
"originGitCommitIsDirty": true,
"invokedBy": "manual",
- "requestedVersion": "6.0.0",
- "sdkVersion": "6.0.0"
+ "sdkVersion": "5.19.1"
}
\ No newline at end of file
diff --git a/lib/auth0.rb b/lib/auth0.rb
index d05e7b10..ebf2f741 100644
--- a/lib/auth0.rb
+++ b/lib/auth0.rb
@@ -2340,6 +2340,8 @@
require_relative "auth0/types/session_cookie_schema"
require_relative "auth0/types/supported_locales"
require_relative "auth0/types/tenant_oidc_logout_settings"
+require_relative "auth0/types/tenant_settings_country_codes_mode_response"
+require_relative "auth0/types/tenant_settings_country_codes_response"
require_relative "auth0/types/tenant_settings_device_flow_charset"
require_relative "auth0/types/tenant_settings_device_flow"
require_relative "auth0/types/tenant_settings_dynamic_client_registration_security_mode"
@@ -2397,6 +2399,8 @@
require_relative "auth0/types/list_flows_request_parameters_hydrate_enum"
require_relative "auth0/types/list_flows_vault_connections_offset_paginated_response_content"
require_relative "auth0/types/list_forms_offset_paginated_response_content"
+require_relative "auth0/types/role"
+require_relative "auth0/types/list_group_roles_response_content"
require_relative "auth0/types/list_groups_paginated_response_content"
require_relative "auth0/types/mfa_policy_enum"
require_relative "auth0/types/list_guardian_policies_response_content"
@@ -2413,9 +2417,14 @@
require_relative "auth0/types/list_organization_connections_offset_paginated_response_content"
require_relative "auth0/types/organization_discovery_domain"
require_relative "auth0/types/list_organization_discovery_domains_response_content"
+require_relative "auth0/types/list_organization_group_roles_response_content"
+require_relative "auth0/types/list_organization_groups_response_content"
require_relative "auth0/types/organization_invitation"
require_relative "auth0/types/list_organization_invitations_offset_paginated_response_content"
-require_relative "auth0/types/role"
+require_relative "auth0/types/organization_member_effective_role_source"
+require_relative "auth0/types/organization_member_effective_role"
+require_relative "auth0/types/list_organization_member_effective_roles_response_content"
+require_relative "auth0/types/list_organization_member_role_source_groups_response_content"
require_relative "auth0/types/list_organization_member_roles_offset_paginated_response_content"
require_relative "auth0/types/organization_member_role"
require_relative "auth0/types/organization_member"
@@ -2428,6 +2437,7 @@
require_relative "auth0/types/list_refresh_tokens_paginated_response_content"
require_relative "auth0/types/resource_server"
require_relative "auth0/types/list_resource_server_offset_paginated_response_content"
+require_relative "auth0/types/list_role_groups_response_content"
require_relative "auth0/types/permissions_response_payload"
require_relative "auth0/types/list_role_permissions_offset_paginated_response_content"
require_relative "auth0/types/role_user"
@@ -2454,11 +2464,21 @@
require_relative "auth0/types/list_user_blocks_by_identifier_response_content"
require_relative "auth0/types/list_user_blocks_response_content"
require_relative "auth0/types/list_user_connected_accounts_response_content"
+require_relative "auth0/types/user_effective_permission_role_source_enum"
+require_relative "auth0/types/user_effective_permission_role_source_response_content"
+require_relative "auth0/types/list_user_effective_permission_role_sources_response_content"
+require_relative "auth0/types/user_effective_permission_source_enum"
+require_relative "auth0/types/user_effective_permission_response_content"
+require_relative "auth0/types/list_user_effective_permissions_response_content"
+require_relative "auth0/types/user_effective_role_source"
+require_relative "auth0/types/user_effective_role"
+require_relative "auth0/types/list_user_effective_roles_response_content"
require_relative "auth0/types/user_grant"
require_relative "auth0/types/list_user_grants_offset_paginated_response_content"
require_relative "auth0/types/list_user_organizations_offset_paginated_response_content"
require_relative "auth0/types/user_permission_schema"
require_relative "auth0/types/list_user_permissions_offset_paginated_response_content"
+require_relative "auth0/types/list_user_role_source_groups_response_content"
require_relative "auth0/types/list_user_roles_offset_paginated_response_content"
require_relative "auth0/types/session_response_content"
require_relative "auth0/types/list_user_sessions_paginated_response_content"
@@ -2556,6 +2576,8 @@
require_relative "auth0/types/set_user_authentication_methods_request_content"
require_relative "auth0/types/sets_custom_texts_by_language_request_content"
require_relative "auth0/types/signing_keys"
+require_relative "auth0/types/tenant_settings_country_codes_mode"
+require_relative "auth0/types/tenant_settings_country_codes"
require_relative "auth0/types/tenant_settings_supported_locales_enum"
require_relative "auth0/types/test_action_payload"
require_relative "auth0/types/test_action_result_payload"
@@ -2926,6 +2948,10 @@
require_relative "auth0/flows/vault/connections/types/update_flows_vault_connection_request_content"
require_relative "auth0/groups/members/client"
require_relative "auth0/groups/members/types/get_group_members_request_parameters"
+require_relative "auth0/groups/roles/client"
+require_relative "auth0/groups/roles/types/list_group_roles_request_parameters"
+require_relative "auth0/groups/roles/types/create_group_roles_request_parameters"
+require_relative "auth0/groups/roles/types/delete_group_roles_request_content"
require_relative "auth0/guardian/client"
require_relative "auth0/guardian/enrollments/client"
require_relative "auth0/guardian/enrollments/types/create_guardian_enrollment_ticket_request_content"
@@ -2994,10 +3020,21 @@
require_relative "auth0/organizations/members/types/list_organization_members_request_parameters"
require_relative "auth0/organizations/members/types/create_organization_member_request_content"
require_relative "auth0/organizations/members/types/delete_organization_members_request_content"
+require_relative "auth0/organizations/groups/client"
+require_relative "auth0/organizations/groups/types/list_organization_groups_request_parameters"
+require_relative "auth0/organizations/groups/roles/client"
+require_relative "auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters"
+require_relative "auth0/organizations/groups/roles/types/create_organization_group_roles_request_content"
+require_relative "auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content"
+require_relative "auth0/organizations/members/effective_roles/client"
+require_relative "auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters"
require_relative "auth0/organizations/members/roles/client"
require_relative "auth0/organizations/members/roles/types/list_organization_member_roles_request_parameters"
require_relative "auth0/organizations/members/roles/types/assign_organization_member_roles_request_content"
require_relative "auth0/organizations/members/roles/types/delete_organization_member_roles_request_content"
+require_relative "auth0/organizations/members/effective_roles/sources/client"
+require_relative "auth0/organizations/members/effective_roles/sources/groups/client"
+require_relative "auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters"
require_relative "auth0/prompts/rendering/client"
require_relative "auth0/prompts/rendering/types/list_aculs_request_parameters"
require_relative "auth0/prompts/rendering/types/bulk_update_acul_request_content"
@@ -3009,6 +3046,10 @@
require_relative "auth0/risk_assessments/settings/types/update_risk_assessments_settings_request_content"
require_relative "auth0/risk_assessments/settings/new_device/client"
require_relative "auth0/risk_assessments/settings/new_device/types/update_risk_assessments_settings_new_device_request_content"
+require_relative "auth0/roles/groups/client"
+require_relative "auth0/roles/groups/types/list_role_groups_parameters"
+require_relative "auth0/roles/groups/types/assign_role_groups_request_content"
+require_relative "auth0/roles/groups/types/delete_role_groups_request_content"
require_relative "auth0/roles/permissions/client"
require_relative "auth0/roles/permissions/types/list_role_permissions_request_parameters"
require_relative "auth0/roles/permissions/types/add_role_permissions_request_content"
@@ -3030,6 +3071,10 @@
require_relative "auth0/users/authenticators/client"
require_relative "auth0/users/connected_accounts/client"
require_relative "auth0/users/connected_accounts/types/get_user_connected_accounts_request_parameters"
+require_relative "auth0/users/effective_permissions/client"
+require_relative "auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters"
+require_relative "auth0/users/effective_roles/client"
+require_relative "auth0/users/effective_roles/types/list_user_effective_roles_request_parameters"
require_relative "auth0/users/enrollments/client"
require_relative "auth0/users/federated_connections_tokensets/client"
require_relative "auth0/users/groups/client"
@@ -3055,6 +3100,12 @@
require_relative "auth0/users/refresh_token/types/list_refresh_tokens_request_parameters"
require_relative "auth0/users/sessions/client"
require_relative "auth0/users/sessions/types/list_user_sessions_request_parameters"
+require_relative "auth0/users/effective_permissions/sources/client"
+require_relative "auth0/users/effective_permissions/sources/roles/client"
+require_relative "auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters"
+require_relative "auth0/users/effective_roles/sources/client"
+require_relative "auth0/users/effective_roles/sources/groups/client"
+require_relative "auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters"
require_relative "auth0/verifiable_credentials/client"
require_relative "auth0/verifiable_credentials/verification/client"
require_relative "auth0/verifiable_credentials/verification/templates/client"
diff --git a/lib/auth0/client_grants/client.rb b/lib/auth0/client_grants/client.rb
index 4f0e07ae..3d65815a 100644
--- a/lib/auth0/client_grants/client.rb
+++ b/lib/auth0/client_grants/client.rb
@@ -10,9 +10,9 @@ def initialize(client:)
@client = client
end
- # Retrieve a list of client
- # grants, including the scopes associated with the application/API pair.
+ # Retrieve a list of [client
+ # grants](https://auth0.com/docs/get-started/applications/application-access-to-apis-client-grants), including the
+ # scopes associated with the application/API pair.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -70,9 +70,8 @@ def list(request_options: {}, **params)
end
end
- # Create a client grant for a machine-to-machine login flow. To learn more, read Client
- # Credential Flow.
+ # Create a client grant for a machine-to-machine login flow. To learn more, read [Client Credential
+ # Flow](https://www.auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow).
#
# @param request_options [Hash]
# @param params [Auth0::ClientGrants::Types::CreateClientGrantRequestContent]
@@ -106,9 +105,8 @@ def create(request_options: {}, **params)
end
end
- # Retrieve a single client
- # grant, including the
+ # Retrieve a single [client
+ # grant](https://auth0.com/docs/get-started/applications/application-access-to-apis-client-grants), including the
# scopes associated with the application/API pair.
#
# @param request_options [Hash]
@@ -143,9 +141,9 @@ def get(request_options: {}, **params)
end
end
- # Delete the Client
- # Credential Flow from your machine-to-machine application.
+ # Delete the [Client Credential
+ # Flow](https://www.auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow) from
+ # your machine-to-machine application.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/clients/client.rb b/lib/auth0/clients/client.rb
index 84b3ec01..2201f3b8 100644
--- a/lib/auth0/clients/client.rb
+++ b/lib/auth0/clients/client.rb
@@ -12,41 +12,31 @@ def initialize(client:)
# Retrieve clients (applications and SSO integrations) matching provided filters. A list of fields to include or
# exclude may also be specified.
- # For more information, read Applications in
- # Auth0 and Single Sign-On.
+ # For more information, read [Applications in Auth0](https://www.auth0.com/docs/get-started/applications) and
+ # [Single Sign-On](https://www.auth0.com/docs/authenticate/single-sign-on).
#
- #
- # -
- # The following can be retrieved with any scope:
- #
client_id, app_type, name, and description.
- #
- # -
- # The following properties can only be retrieved with the
read:clients or
- # read:client_keys scope:
- # callbacks, oidc_logout, allowed_origins,
- # web_origins, tenant, global, config_route,
- # callback_url_template, jwt_configuration,
- # jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded,
- # jwt_configuration.scopes, jwt_configuration.alg, api_type,
- # logo_uri, allowed_clients, owners, custom_login_page,
- # custom_login_page_off, sso, addons, form_template,
- # custom_login_page_codeview, resource_servers, client_metadata,
- # mobile, mobile.android, mobile.ios, allowed_logout_urls,
- # token_endpoint_auth_method, is_first_party, oidc_conformant,
- # is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types,
- # refresh_token, refresh_token.rotation_type,
- # refresh_token.expiration_type,
- # refresh_token.leeway, refresh_token.token_lifetime,
- # refresh_token.policies, organization_usage,
- # organization_require_behavior.
- #
- # -
- # The following properties can only be retrieved with the
- #
read:client_keys or read:client_credentials scope:
- # encryption_key, encryption_key.pub, encryption_key.cert,
- # client_secret, client_authentication_methods and signing_key.
- #
- #
+ # - The following can be retrieved with any scope:
+ # `client_id`, `app_type`, `name`, and `description`.
+ # - The following properties can only be retrieved with the `read:clients` or
+ # `read:client_keys` scope:
+ # `callbacks`, `oidc_logout`, `allowed_origins`,
+ # `web_origins`, `tenant`, `global`, `config_route`,
+ # `callback_url_template`, `jwt_configuration`,
+ # `jwt_configuration.lifetime_in_seconds`, `jwt_configuration.secret_encoded`,
+ # `jwt_configuration.scopes`, `jwt_configuration.alg`, `api_type`,
+ # `logo_uri`, `allowed_clients`, `owners`, `custom_login_page`,
+ # `custom_login_page_off`, `sso`, `addons`, `form_template`,
+ # `custom_login_page_codeview`, `resource_servers`, `client_metadata`,
+ # `mobile`, `mobile.android`, `mobile.ios`, `allowed_logout_urls`,
+ # `token_endpoint_auth_method`, `is_first_party`, `oidc_conformant`,
+ # `is_token_endpoint_ip_header_trusted`, `initiate_login_uri`, `grant_types`,
+ # `refresh_token`, `refresh_token.rotation_type`, `refresh_token.expiration_type`,
+ # `refresh_token.leeway`, `refresh_token.token_lifetime`, `refresh_token.policies`, `organization_usage`,
+ # `organization_require_behavior`.
+ # - The following properties can only be retrieved with the
+ # `read:client_keys` or `read:client_credentials` scope:
+ # `encryption_key`, `encryption_key.pub`, `encryption_key.cert`,
+ # `client_secret`, `client_authentication_methods` and `signing_key`.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -111,28 +101,24 @@ def list(request_options: {}, **params)
end
end
- # Create a new client (application or SSO integration). For more information, read Create Applications
- # API Endpoints
- # for Single Sign-On.
+ # Create a new client (application or SSO integration). For more information, read [Create
+ # Applications](https://www.auth0.com/docs/get-started/auth0-overview/create-applications)
+ # [API Endpoints for Single
+ # Sign-On](https://www.auth0.com/docs/authenticate/single-sign-on/api-endpoints-for-single-sign-on).
#
# Notes:
# - We recommend leaving the `client_secret` parameter unspecified to allow the generation of a safe secret.
- # - The client_authentication_methods and token_endpoint_auth_method properties are
- # mutually exclusive. Use
- # client_authentication_methods to configure the client with Private Key JWT authentication method.
- # Otherwise, use token_endpoint_auth_method
+ # - The `client_authentication_methods` and `token_endpoint_auth_method` properties are mutually exclusive. Use
+ # `client_authentication_methods` to configure the client with Private Key JWT authentication method. Otherwise,
+ # use `token_endpoint_auth_method`
# to configure the client with client secret (basic or post) or with no authentication method (none).
- # - When using client_authentication_methods to configure the client with Private Key JWT
- # authentication method, specify fully defined credentials.
+ # - When using `client_authentication_methods` to configure the client with Private Key JWT authentication method,
+ # specify fully defined credentials.
# These credentials will be automatically enabled for Private Key JWT authentication on the client.
- # - To configure client_authentication_methods, the create:client_credentials scope is
- # required.
- # - To configure client_authentication_methods, the property jwt_configuration.alg must
- # be set to RS256.
+ # - To configure `client_authentication_methods`, the `create:client_credentials` scope is required.
+ # - To configure `client_authentication_methods`, the property `jwt_configuration.alg` must be set to RS256.
#
- # SSO Integrations created via this endpoint will accept login requests and share
- # user profile information.
+ # SSO Integrations created via this endpoint will accept login requests and share user profile information.
#
# @param request_options [Hash]
# @param params [Auth0::Clients::Types::CreateClientRequestContent]
@@ -253,40 +239,31 @@ def register_cimd_client(request_options: {}, **params)
# Retrieve client details by ID. Clients are SSO connections or Applications linked with your Auth0 tenant. A list
# of fields to include or exclude may also be specified.
- # For more information, read Applications in
- # Auth0 and Single Sign-On.
- #
- # -
- # The following properties can be retrieved with any of the scopes:
- #
client_id, app_type, name, and description.
- #
- # -
- # The following properties can only be retrieved with the
read:clients or
- # read:client_keys scopes:
- # callbacks, oidc_logout, allowed_origins,
- # web_origins, tenant, global, config_route,
- # callback_url_template, jwt_configuration,
- # jwt_configuration.lifetime_in_seconds, jwt_configuration.secret_encoded,
- # jwt_configuration.scopes, jwt_configuration.alg, api_type,
- # logo_uri, allowed_clients, owners, custom_login_page,
- # custom_login_page_off, sso, addons, form_template,
- # custom_login_page_codeview, resource_servers, client_metadata,
- # mobile, mobile.android, mobile.ios, allowed_logout_urls,
- # token_endpoint_auth_method, is_first_party, oidc_conformant,
- # is_token_endpoint_ip_header_trusted, initiate_login_uri, grant_types,
- # refresh_token, refresh_token.rotation_type,
- # refresh_token.expiration_type,
- # refresh_token.leeway, refresh_token.token_lifetime,
- # refresh_token.policies, organization_usage,
- # organization_require_behavior.
- #
- # -
- # The following properties can only be retrieved with the
read:client_keys or
- # read:client_credentials scopes:
- # encryption_key, encryption_key.pub, encryption_key.cert,
- # client_secret, client_authentication_methods and signing_key.
- #
- #
+ # For more information, read [Applications in Auth0](https://www.auth0.com/docs/get-started/applications) and
+ # [Single Sign-On](https://www.auth0.com/docs/authenticate/single-sign-on).
+ #
+ # - The following properties can be retrieved with any of the scopes:
+ # `client_id`, `app_type`, `name`, and `description`.
+ # - The following properties can only be retrieved with the `read:clients` or
+ # `read:client_keys` scopes:
+ # `callbacks`, `oidc_logout`, `allowed_origins`,
+ # `web_origins`, `tenant`, `global`, `config_route`,
+ # `callback_url_template`, `jwt_configuration`,
+ # `jwt_configuration.lifetime_in_seconds`, `jwt_configuration.secret_encoded`,
+ # `jwt_configuration.scopes`, `jwt_configuration.alg`, `api_type`,
+ # `logo_uri`, `allowed_clients`, `owners`, `custom_login_page`,
+ # `custom_login_page_off`, `sso`, `addons`, `form_template`,
+ # `custom_login_page_codeview`, `resource_servers`, `client_metadata`,
+ # `mobile`, `mobile.android`, `mobile.ios`, `allowed_logout_urls`,
+ # `token_endpoint_auth_method`, `is_first_party`, `oidc_conformant`,
+ # `is_token_endpoint_ip_header_trusted`, `initiate_login_uri`, `grant_types`,
+ # `refresh_token`, `refresh_token.rotation_type`, `refresh_token.expiration_type`,
+ # `refresh_token.leeway`, `refresh_token.token_lifetime`, `refresh_token.policies`, `organization_usage`,
+ # `organization_require_behavior`.
+ # - The following properties can only be retrieved with the `read:client_keys` or `read:client_credentials`
+ # scopes:
+ # `encryption_key`, `encryption_key.pub`, `encryption_key.cert`,
+ # `client_secret`, `client_authentication_methods` and `signing_key`.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -359,25 +336,22 @@ def delete(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
- # Updates a client's settings. For more information, read Applications in Auth0 and Single Sign-On.
+ # Updates a client's settings. For more information, read [Applications in
+ # Auth0](https://www.auth0.com/docs/get-started/applications) and [Single
+ # Sign-On](https://www.auth0.com/docs/authenticate/single-sign-on).
#
# Notes:
# - The `client_secret` and `signing_key` attributes can only be updated with the `update:client_keys` scope.
- # - The client_authentication_methods and token_endpoint_auth_method properties are
- # mutually exclusive. Use client_authentication_methods to configure the client with Private Key JWT
- # authentication method. Otherwise, use token_endpoint_auth_method to configure the client with
- # client secret (basic or post) or with no authentication method (none).
- # - When using client_authentication_methods to configure the client with Private Key JWT
- # authentication method, only specify the credential IDs that were generated when creating the credentials on the
- # client.
- # - To configure client_authentication_methods, the update:client_credentials scope is
- # required.
- # - To configure client_authentication_methods, the property jwt_configuration.alg must
- # be set to RS256.
- # - To change a client's is_first_party property to false, the
- # organization_usage and organization_require_behavior properties must be unset.
+ # - The `client_authentication_methods` and `token_endpoint_auth_method` properties are mutually exclusive. Use
+ # `client_authentication_methods` to configure the client with Private Key JWT authentication method. Otherwise,
+ # use `token_endpoint_auth_method` to configure the client with client secret (basic or post) or with no
+ # authentication method (none).
+ # - When using `client_authentication_methods` to configure the client with Private Key JWT authentication method,
+ # only specify the credential IDs that were generated when creating the credentials on the client.
+ # - To configure `client_authentication_methods`, the `update:client_credentials` scope is required.
+ # - To configure `client_authentication_methods`, the property `jwt_configuration.alg` must be set to RS256.
+ # - To change a client's `is_first_party` property to `false`, the `organization_usage` and
+ # `organization_require_behavior` properties must be unset.
#
# @param request_options [Hash]
# @param params [Auth0::Clients::Types::UpdateClientRequestContent]
@@ -421,8 +395,8 @@ def update(request_options: {}, **params)
# This endpoint cannot be used with clients configured with Private Key JWT authentication method
# (client_authentication_methods configured with private_key_jwt). The generated secret is NOT base64 encoded.
#
- # For more information, read Rotate Client Secrets.
+ # For more information, read [Rotate Client
+ # Secrets](https://www.auth0.com/docs/get-started/applications/rotate-client-secret).
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/clients/connections/client.rb b/lib/auth0/clients/connections/client.rb
index 188b703b..6d28d705 100644
--- a/lib/auth0/clients/connections/client.rb
+++ b/lib/auth0/clients/connections/client.rb
@@ -11,20 +11,14 @@ def initialize(client:)
@client = client
end
- # Retrieve all connections that are enabled for the specified Application, using checkpoint pagination. A
- # list of fields to include or exclude for each connection may also be specified.
- #
- # -
- # This endpoint requires the
read:connections scope and any one of read:clients or
- # read:client_summary.
- #
- # -
- # Note: The first time you call this endpoint, omit the
from parameter. If there are more
- # results, a next value is included in the response. You can use this for subsequent API calls.
- # When next is no longer included in the response, no further results are remaining.
- #
- #
+ # Retrieve all connections that are enabled for the specified
+ # [Application](https://www.auth0.com/docs/get-started/applications), using checkpoint pagination. A list of
+ # fields to include or exclude for each connection may also be specified.
+ #
+ # - This endpoint requires the `read:connections` scope and any one of `read:clients` or `read:client_summary`.
+ # - **Note**: The first time you call this endpoint, omit the `from` parameter. If there are more results, a
+ # `next` value is included in the response. You can use this for subsequent API calls. When `next` is no longer
+ # included in the response, no further results are remaining.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/clients/credentials/client.rb b/lib/auth0/clients/credentials/client.rb
index 728dae80..daec097e 100644
--- a/lib/auth0/clients/credentials/client.rb
+++ b/lib/auth0/clients/credentials/client.rb
@@ -13,9 +13,9 @@ def initialize(client:)
# Get the details of a client credential.
#
- # Important: To enable credentials to be used for a client authentication method, set the
- # client_authentication_methods property on the client. To enable credentials to be used for
- # JWT-Secured Authorization requests set the signed_request_object property on the client.
+ # **Important**: To enable credentials to be used for a client authentication method, set the
+ # `client_authentication_methods` property on the client. To enable credentials to be used for JWT-Secured
+ # Authorization requests set the `signed_request_object` property on the client.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -50,48 +50,69 @@ def list(request_options: {}, **params)
# Create a client credential associated to your application. Credentials can be used to configure Private Key
# JWT and mTLS authentication methods, as well as for JWT-secured Authorization requests.
#
- # Public Key
Public Key credentials can be used to set up Private Key JWT client authentication and
- # JWT-secured Authorization requests.
+ # **Public Key**
#
- # Sample: {
+ # Public Key credentials can be used to set up Private Key JWT client authentication and JWT-secured
+ # Authorization requests.
+ #
+ # Sample:
+ #
+ # ```json
+ # {
# "credential_type": "public_key",
# "name": "string",
# "pem": "string",
# "alg": "RS256",
# "parse_expiry_from_cert": false,
# "expires_at": "2022-12-31T23:59:59Z"
- # }
- # Certificate (CA-signed & self-signed)
Certificate credentials can be used to set up mTLS client
- # authentication. CA-signed certificates can be configured either with a signed certificate or with just the
- # certificate Subject DN.
+ # }
+ # ```
+ #
+ # **Certificate (CA-signed & self-signed)**
+ #
+ # Certificate credentials can be used to set up mTLS client authentication. CA-signed certificates can be
+ # configured either with a signed certificate or with just the certificate Subject DN.
+ #
+ # CA-signed Certificate Sample (pem):
#
- # CA-signed Certificate Sample (pem): {
+ # ```json
+ # {
# "credential_type": "x509_cert",
# "name": "string",
# "pem": "string"
- # }
CA-signed Certificate Sample (subject_dn): {
+ # }
+ # ```
+ #
+ # CA-signed Certificate Sample (subject_dn):
+ #
+ # ```json
+ # {
# "credential_type": "cert_subject_dn",
# "name": "string",
# "subject_dn": "string"
- # }
Self-signed Certificate Sample: {
+ # }
+ # ```
+ #
+ # Self-signed Certificate Sample:
+ #
+ # ```json
+ # {
# "credential_type": "cert_subject_dn",
# "name": "string",
# "pem": "string"
- # }
+ # }
+ # ```
#
# The credential will be created but not yet enabled for use until you set the corresponding properties in the
# client:
- #
+ #
+ # - To enable the credential for Private Key JWT or mTLS authentication methods, set the
+ # `client_authentication_methods` property on the client. For more information, read [Configure Private Key JWT
+ # Authentication](https://auth0.com/docs/get-started/applications/configure-private-key-jwt) and [Configure mTLS
+ # Authentication](https://auth0.com/docs/get-started/applications/configure-mtls)
+ # - To enable the credential for JWT-secured Authorization requests, set the `signed_request_object`property on
+ # the client. For more information, read [Configure JWT-secured Authorization Requests
+ # (JAR)](https://auth0.com/docs/get-started/applications/configure-jar)
#
# @param request_options [Hash]
# @param params [Auth0::Clients::Credentials::Types::PostClientCredentialRequestContent]
@@ -132,9 +153,9 @@ def create(request_options: {}, **params)
# Get the details of a client credential.
#
- # Important: To enable credentials to be used for a client authentication method, set the
- # client_authentication_methods property on the client. To enable credentials to be used for
- # JWT-Secured Authorization requests set the signed_request_object property on the client.
+ # **Important**: To enable credentials to be used for a client authentication method, set the
+ # `client_authentication_methods` property on the client. To enable credentials to be used for JWT-Secured
+ # Authorization requests set the `signed_request_object` property on the client.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/connections/scim_configuration/client.rb b/lib/auth0/connections/scim_configuration/client.rb
index 6a61ce2b..8d6f407a 100644
--- a/lib/auth0/connections/scim_configuration/client.rb
+++ b/lib/auth0/connections/scim_configuration/client.rb
@@ -59,7 +59,7 @@ def list(request_options: {}, **params)
end
end
- # Retrieves a scim configuration by its connectionId.
+ # Retrieves a scim configuration by its `connectionId`.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -128,7 +128,7 @@ def create(request_options: {}, **params)
end
end
- # Deletes a scim configuration by its connectionId.
+ # Deletes a scim configuration by its `connectionId`.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -160,7 +160,7 @@ def delete(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
- # Update a scim configuration by its connectionId.
+ # Update a scim configuration by its `connectionId`.
#
# @param request_options [Hash]
# @param params [Auth0::Connections::SCIMConfiguration::Types::UpdateSCIMConfigurationRequestContent]
@@ -199,7 +199,7 @@ def update(request_options: {}, **params)
end
end
- # Retrieves a scim configuration's default mapping by its connectionId.
+ # Retrieves a scim configuration's default mapping by its `connectionId`.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/connections/scim_configuration/tokens/client.rb b/lib/auth0/connections/scim_configuration/tokens/client.rb
index 4f4b1f06..5f15a608 100644
--- a/lib/auth0/connections/scim_configuration/tokens/client.rb
+++ b/lib/auth0/connections/scim_configuration/tokens/client.rb
@@ -12,7 +12,7 @@ def initialize(client:)
@client = client
end
- # Retrieves all scim tokens by its connection id.
+ # Retrieves all scim tokens by its connection `id`.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -85,7 +85,7 @@ def create(request_options: {}, **params)
end
end
- # Deletes a scim token by its connection id and tokenId.
+ # Deletes a scim token by its connection `id` and `tokenId`.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/device_credentials/client.rb b/lib/auth0/device_credentials/client.rb
index 0963f7fd..3690c0ff 100644
--- a/lib/auth0/device_credentials/client.rb
+++ b/lib/auth0/device_credentials/client.rb
@@ -10,8 +10,8 @@ def initialize(client:)
@client = client
end
- # Retrieve device credential information (public_key, refresh_token, or
- # rotating_refresh_token) associated with a specific user.
+ # Retrieve device credential information (`public_key`, `refresh_token`, or `rotating_refresh_token`) associated
+ # with a specific user.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -72,12 +72,11 @@ def list(request_options: {}, **params)
end
end
- # Create a device credential public key to manage refresh token rotation for a given user_id. Device
- # Credentials APIs are designed for ad-hoc administrative use only and paging is by default enabled for GET
- # requests.
+ # Create a device credential public key to manage refresh token rotation for a given `user_id`. Device Credentials
+ # APIs are designed for ad-hoc administrative use only and paging is by default enabled for GET requests.
#
- # When refresh token rotation is enabled, the endpoint becomes consistent. For more information, read Signing Keys.
+ # When refresh token rotation is enabled, the endpoint becomes consistent. For more information, read [Signing
+ # Keys](https://auth0.com/docs/get-started/tenant-settings/signing-keys).
#
# @param request_options [Hash]
# @param params [Auth0::DeviceCredentials::Types::CreatePublicKeyDeviceCredentialRequestContent]
diff --git a/lib/auth0/groups/client.rb b/lib/auth0/groups/client.rb
index ee95275f..0860ff2d 100644
--- a/lib/auth0/groups/client.rb
+++ b/lib/auth0/groups/client.rb
@@ -140,6 +140,11 @@ def delete(request_options: {}, **params)
def members
@members ||= Auth0::Groups::Members::Client.new(client: @client)
end
+
+ # @return [Auth0::Roles::Client]
+ def roles
+ @roles ||= Auth0::Groups::Roles::Client.new(client: @client)
+ end
end
end
end
diff --git a/lib/auth0/groups/roles/client.rb b/lib/auth0/groups/roles/client.rb
new file mode 100644
index 00000000..e3223b38
--- /dev/null
+++ b/lib/auth0/groups/roles/client.rb
@@ -0,0 +1,141 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Groups
+ module Roles
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Lists the roles assigned to a group.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ #
+ # @return [Auth0::Types::ListGroupRolesResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :roles,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "groups/#{URI.encode_uri_component(params[:id].to_s)}/roles",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListGroupRolesResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+
+ # Assign one or more roles to a specified
+ # group.
+ #
+ # @param request_options [Hash]
+ # @param params [Auth0::Groups::Roles::Types::CreateGroupRolesRequestParameters]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ #
+ # @return [untyped]
+ def create(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ request_data = Auth0::Groups::Roles::Types::CreateGroupRolesRequestParameters.new(params).to_h
+ non_body_param_names = %w[id]
+ body = request_data.except(*non_body_param_names)
+
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "POST",
+ path: "groups/#{URI.encode_uri_component(params[:id].to_s)}/roles",
+ body: body,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ return if code.between?(200, 299)
+
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+
+ # Unassign one or more roles from a
+ # specified group.
+ #
+ # @param request_options [Hash]
+ # @param params [Auth0::Groups::Roles::Types::DeleteGroupRolesRequestContent]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ #
+ # @return [untyped]
+ def delete(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ request_data = Auth0::Groups::Roles::Types::DeleteGroupRolesRequestContent.new(params).to_h
+ non_body_param_names = %w[id]
+ body = request_data.except(*non_body_param_names)
+
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "DELETE",
+ path: "groups/#{URI.encode_uri_component(params[:id].to_s)}/roles",
+ body: body,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ return if code.between?(200, 299)
+
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/groups/roles/types/create_group_roles_request_parameters.rb b/lib/auth0/groups/roles/types/create_group_roles_request_parameters.rb
new file mode 100644
index 00000000..2df1aa93
--- /dev/null
+++ b/lib/auth0/groups/roles/types/create_group_roles_request_parameters.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Groups
+ module Roles
+ module Types
+ class CreateGroupRolesRequestParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :roles, -> { Internal::Types::Array[String] }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/groups/roles/types/delete_group_roles_request_content.rb b/lib/auth0/groups/roles/types/delete_group_roles_request_content.rb
new file mode 100644
index 00000000..7ce2e5f7
--- /dev/null
+++ b/lib/auth0/groups/roles/types/delete_group_roles_request_content.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Groups
+ module Roles
+ module Types
+ class DeleteGroupRolesRequestContent < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :roles, -> { Internal::Types::Array[String] }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/groups/roles/types/list_group_roles_request_parameters.rb b/lib/auth0/groups/roles/types/list_group_roles_request_parameters.rb
new file mode 100644
index 00000000..04c53be6
--- /dev/null
+++ b/lib/auth0/groups/roles/types/list_group_roles_request_parameters.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Groups
+ module Roles
+ module Types
+ class ListGroupRolesRequestParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/guardian/enrollments/client.rb b/lib/auth0/guardian/enrollments/client.rb
index 852e66d7..ca51ae66 100644
--- a/lib/auth0/guardian/enrollments/client.rb
+++ b/lib/auth0/guardian/enrollments/client.rb
@@ -11,17 +11,10 @@ def initialize(client:)
@client = client
end
- # Create a multi-factor
- # authentication (MFA) enrollment ticket, and optionally send an email with the created ticket, to a given
- # user.
- # Create a multi-factor
- # authentication (MFA) enrollment ticket, and optionally send an email with the created ticket to a given
- # user. Enrollment tickets can specify which factor users must enroll with or allow existing MFA users to enroll
- # in additional factors.
- #
- # Note: Users cannot enroll in Email as a factor through custom enrollment tickets.
+ # Create a [multi-factor authentication (MFA) enrollment
+ # ticket](https://auth0.com/docs/secure/multi-factor-authentication/auth0-guardian/create-custom-enrollment-tickets),
+ # and optionally send an email with the created ticket to a given user. Enrollment tickets can specify which
+ # factor users must enroll with or allow existing MFA users to enroll in additional factors.
#
# @param request_options [Hash]
# @param params [Auth0::Guardian::Enrollments::Types::CreateGuardianEnrollmentTicketRequestContent]
@@ -91,9 +84,8 @@ def get(request_options: {}, **params)
end
# Remove a specific multi-factor authentication (MFA) enrollment from a user's account. This allows the user to
- # re-enroll with MFA. For more information, review Reset User Multi-Factor
- # Authentication and Recovery Codes.
+ # re-enroll with MFA. For more information, review [Reset User Multi-Factor Authentication and Recovery
+ # Codes](https://auth0.com/docs/secure/multi-factor-authentication/reset-user-mfa).
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/guardian/factors/push_notification/client.rb b/lib/auth0/guardian/factors/push_notification/client.rb
index 52216b55..72ef229f 100644
--- a/lib/auth0/guardian/factors/push_notification/client.rb
+++ b/lib/auth0/guardian/factors/push_notification/client.rb
@@ -253,9 +253,8 @@ def update_fcmv1provider(request_options: {}, **params)
end
# Retrieve configuration details for an AWS SNS push notification provider that has been enabled for MFA. To
- # learn more, review Configure
- # Push Notifications for MFA.
+ # learn more, review [Configure Push Notifications for
+ # MFA](https://auth0.com/docs/secure/multi-factor-authentication/multi-factor-authentication-factors/configure-push-notifications-for-mfa).
#
# @param request_options [Hash]
# @param _params [Hash]
@@ -287,8 +286,9 @@ def get_sns_provider(request_options: {}, **_params)
end
end
- # Configure the AWS
- # SNS push notification provider configuration (subscription required).
+ # Configure the [AWS SNS push notification provider
+ # configuration](https://auth0.com/docs/multifactor-authentication/developer/sns-configuration) (subscription
+ # required).
#
# @param request_options [Hash]
# @param params [Auth0::Guardian::Factors::PushNotification::Types::SetGuardianFactorsProviderPushNotificationSnsRequestContent]
@@ -322,8 +322,9 @@ def set_sns_provider(request_options: {}, **params)
end
end
- # Configure the AWS
- # SNS push notification provider configuration (subscription required).
+ # Configure the [AWS SNS push notification provider
+ # configuration](https://auth0.com/docs/multifactor-authentication/developer/sns-configuration) (subscription
+ # required).
#
# @param request_options [Hash]
# @param params [Auth0::Guardian::Factors::PushNotification::Types::UpdateGuardianFactorsProviderPushNotificationSnsRequestContent]
diff --git a/lib/auth0/guardian/policies/client.rb b/lib/auth0/guardian/policies/client.rb
index 55e989f2..f2f9bc72 100644
--- a/lib/auth0/guardian/policies/client.rb
+++ b/lib/auth0/guardian/policies/client.rb
@@ -11,19 +11,17 @@ def initialize(client:)
@client = client
end
- # Retrieve the multi-factor
- # authentication (MFA) policies configured for your tenant.
+ # Retrieve the [multi-factor authentication (MFA)
+ # policies](https://auth0.com/docs/secure/multi-factor-authentication/enable-mfa) configured for your tenant.
#
# The following policies are supported:
- #
- # all-applications policy prompts with MFA for all logins.confidence-score policy prompts with MFA only for low confidence logins.
#
- # Note: The confidence-score policy is part of the Adaptive MFA feature.
- # Adaptive MFA requires an add-on for the Enterprise plan; review Auth0
- # Pricing for more details.
+ # - `all-applications` policy prompts with MFA for all logins.
+ # - `confidence-score` policy prompts with MFA only for low confidence logins.
+ #
+ # **Note**: The `confidence-score` policy is part of the [Adaptive MFA
+ # feature](https://auth0.com/docs/secure/multi-factor-authentication/adaptive-mfa). Adaptive MFA requires an
+ # add-on for the Enterprise plan; review [Auth0 Pricing](https://auth0.com/pricing) for more details.
#
# @param request_options [Hash]
# @param _params [Hash]
@@ -55,19 +53,17 @@ def list(request_options: {}, **_params)
end
end
- # Set multi-factor authentication
- # (MFA) policies for your tenant.
+ # Set [multi-factor authentication (MFA)
+ # policies](https://auth0.com/docs/secure/multi-factor-authentication/enable-mfa) for your tenant.
#
# The following policies are supported:
- #
- # all-applications policy prompts with MFA for all logins.confidence-score policy prompts with MFA only for low confidence logins.
#
- # Note: The confidence-score policy is part of the Adaptive MFA feature.
- # Adaptive MFA requires an add-on for the Enterprise plan; review Auth0
- # Pricing for more details.
+ # - `all-applications` policy prompts with MFA for all logins.
+ # - `confidence-score` policy prompts with MFA only for low confidence logins.
+ #
+ # **Note**: The `confidence-score` policy is part of the [Adaptive MFA
+ # feature](https://auth0.com/docs/secure/multi-factor-authentication/adaptive-mfa). Adaptive MFA requires an
+ # add-on for the Enterprise plan; review [Auth0 Pricing](https://auth0.com/pricing) for more details.
#
# @param request_options [Hash]
# @param params [Auth0::Types::SetGuardianPoliciesRequestContent]
diff --git a/lib/auth0/jobs/verification_email/client.rb b/lib/auth0/jobs/verification_email/client.rb
index c97a8bd7..317e83ba 100644
--- a/lib/auth0/jobs/verification_email/client.rb
+++ b/lib/auth0/jobs/verification_email/client.rb
@@ -11,8 +11,8 @@ def initialize(client:)
@client = client
end
- # Send an email to the specified user that asks them to click a link to verify their email address.
+ # Send an email to the specified user that asks them to click a link to [verify their email
+ # address](https://auth0.com/docs/email/custom#verification-email).
#
# Note: You must have the `Status` toggle enabled for the verification email template for the email to be sent.
#
diff --git a/lib/auth0/logs/client.rb b/lib/auth0/logs/client.rb
index 9ba503fa..36ea985c 100644
--- a/lib/auth0/logs/client.rb
+++ b/lib/auth0/logs/client.rb
@@ -12,50 +12,42 @@ def initialize(client:)
# Retrieve log entries that match the specified search criteria (or all log entries if no criteria specified).
#
- # Set custom search criteria using the q parameter, or search from a specific log ID ("search from
- # checkpoint").
+ # Set custom search criteria using the `q` parameter, or search from a specific log ID (_"search from
+ # checkpoint"_).
#
- # For more information on all possible event types, their respective acronyms, and descriptions, see Log Event Type Codes.
+ # For more information on all possible event types, their respective acronyms, and descriptions, see [Log Event
+ # Type Codes](https://auth0.com/docs/logs/log-event-type-codes).
#
- # To set custom search criteria, use the following parameters:
+ # **To set custom search criteria, use the following parameters:**
#
- #
- # - q: Search Criteria using Query String
- # Syntax
- # - page: Page index of the results to return. First page is 0.
- # - per_page: Number of results per page.
- # - sort: Field to use for sorting appended with `:1` for ascending and `:-1` for descending. e.g.
- # `date:-1`
- # - fields: Comma-separated list of fields to include or exclude (depending on include_fields) from the
- # result, empty to retrieve all fields.
- # - include_fields: Whether specified fields are to be included (true) or excluded (false).
- # - include_totals: Return results inside an object that contains the total result count (true) or as a
- # direct array of results (false, default). Deprecated: this field is deprecated and should be removed from
- # use. See Search
- # Engine V3 Breaking Changes
- #
+ # - **q:** Search Criteria using [Query String Syntax](https://auth0.com/docs/logs/log-search-query-syntax)
+ # - **page:** Page index of the results to return. First page is 0.
+ # - **per_page:** Number of results per page.
+ # - **sort:** Field to use for sorting appended with `:1` for ascending and `:-1` for descending. e.g. `date:-1`
+ # - **fields:** Comma-separated list of fields to include or exclude (depending on include_fields) from the
+ # result, empty to retrieve all fields.
+ # - **include_fields:** Whether specified fields are to be included (true) or excluded (false).
+ # - **include_totals:** Return results inside an object that contains the total result count (true) or as a direct
+ # array of results (false, default). **Deprecated:** this field is deprecated and should be removed from use. See
+ # [Search Engine V3 Breaking
+ # Changes](https://auth0.com/docs/product-lifecycle/deprecations-and-migrations/migrate-to-tenant-log-search-v3#pagination)
#
- # For more information on the list of fields that can be used in fields and sort, see Searchable Fields.
+ # For more information on the list of fields that can be used in `fields` and `sort`, see [Searchable
+ # Fields](https://auth0.com/docs/logs/log-search-query-syntax#searchable-fields).
#
- # Auth0 limits the number of
- # logs you can return by search criteria to 100 logs per request. Furthermore, you may paginate only through
- # 1,000 search results. If you exceed this threshold, please redefine your search or use the get logs by
- # checkpoint method.
+ # Auth0 [limits the number of logs](https://auth0.com/docs/logs/retrieve-log-events-using-mgmt-api#limitations)
+ # you can return by search criteria to 100 logs per request. Furthermore, you may paginate only through 1,000
+ # search results. If you exceed this threshold, please redefine your search or use the [get logs by checkpoint
+ # method](https://auth0.com/docs/logs/retrieve-log-events-using-mgmt-api#retrieve-logs-by-checkpoint).
#
- # To search from a checkpoint log ID, use the following parameters:
- #
- # - from: Log Event ID from which to start retrieving logs. You can limit the number of logs returned
- # using the
take parameter. If you use from at the same time as q,
- # from takes precedence and q is ignored.
- # - take: Number of entries to retrieve when using the
from parameter.
- #
+ # **To search from a checkpoint log ID, use the following parameters:**
#
- # Important: When fetching logs from a checkpoint log ID, any parameter other than
- # from and take will be ignored, and date ordering is not guaranteed.
+ # - **from:** Log Event ID from which to start retrieving logs. You can limit the number of logs returned using
+ # the `take` parameter. If you use `from` at the same time as `q`, `from` takes precedence and `q` is ignored.
+ # - **take:** Number of entries to retrieve when using the `from` parameter.
+ #
+ # **Important:** When fetching logs from a checkpoint log ID, any parameter other than `from` and `take` will be
+ # ignored, and date ordering is not guaranteed.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/organizations/client.rb b/lib/auth0/organizations/client.rb
index a8423232..5f409422 100644
--- a/lib/auth0/organizations/client.rb
+++ b/lib/auth0/organizations/client.rb
@@ -14,25 +14,22 @@ def initialize(client:)
# Organizations.
#
# This endpoint supports two types of pagination:
- #
- # - Offset pagination
- # - Checkpoint pagination
- #
+ #
+ # - Offset pagination
+ # - Checkpoint pagination
#
# Checkpoint pagination must be used if you need to retrieve more than 1000 organizations.
#
- # Checkpoint Pagination
+ # **Checkpoint Pagination**
#
# To search by checkpoint, use the following parameters:
- #
- # from: Optional id from which to start selection.take: The total number of entries to retrieve when using the from parameter.
- # Defaults to 50.
#
- # Note: The first time you call this endpoint using checkpoint pagination, omit the from
- # parameter. If there are more results, a next value is included in the response. You can use this
- # for subsequent API calls. When next is no longer included in the response, no pages are remaining.
+ # - `from`: Optional id from which to start selection.
+ # - `take`: The total number of entries to retrieve when using the `from` parameter. Defaults to 50.
+ #
+ # **Note**: The first time you call this endpoint using checkpoint pagination, omit the `from` parameter. If there
+ # are more results, a `next` value is included in the response. You can use this for subsequent API calls. When
+ # `next` is no longer included in the response, no pages are remaining.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -83,9 +80,8 @@ def list(request_options: {}, **params)
end
# Create a new Organization within your tenant. To learn more about Organization settings, behavior, and
- # configuration options, review Create Your First
- # Organization.
+ # configuration options, review [Create Your First
+ # Organization](https://auth0.com/docs/manage-users/organizations/create-first-organization).
#
# @param request_options [Hash]
# @param params [Auth0::Organizations::Types::CreateOrganizationRequestContent]
@@ -189,8 +185,8 @@ def get(request_options: {}, **params)
# Remove an Organization from your tenant. This action cannot be undone.
#
- # Note: Members are automatically disassociated from an Organization when it is deleted. However, this
- # action does not delete these users from your tenant.
+ # **Note**: Members are automatically disassociated from an Organization when it is deleted. However, this action
+ # does **not** delete these users from your tenant.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -222,8 +218,8 @@ def delete(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
- # Update the details of a specific Organization,
+ # Update the details of a specific
+ # [Organization](https://auth0.com/docs/manage-users/organizations/configure-organizations/create-organizations),
# such as name and display name, branding options, and metadata.
#
# @param request_options [Hash]
@@ -292,6 +288,11 @@ def invitations
def members
@members ||= Auth0::Organizations::Members::Client.new(client: @client)
end
+
+ # @return [Auth0::Groups::Client]
+ def groups
+ @groups ||= Auth0::Organizations::Groups::Client.new(client: @client)
+ end
end
end
end
diff --git a/lib/auth0/organizations/discovery_domains/client.rb b/lib/auth0/organizations/discovery_domains/client.rb
index d764c0db..e243939a 100644
--- a/lib/auth0/organizations/discovery_domains/client.rb
+++ b/lib/auth0/organizations/discovery_domains/client.rb
@@ -209,9 +209,8 @@ def delete(request_options: {}, **params)
end
# Update the verification status and/or use_for_organization_discovery for an organization discovery domain. The
- # status field must be either pending or verified. The
- # use_for_organization_discovery field can be true or false (default:
- # true).
+ # `status` field must be either `pending` or `verified`. The `use_for_organization_discovery` field can be
+ # `true` or `false` (default: `true`).
#
# @param request_options [Hash]
# @param params [Auth0::Organizations::DiscoveryDomains::Types::UpdateOrganizationDiscoveryDomainRequestContent]
diff --git a/lib/auth0/organizations/enabled_connections/client.rb b/lib/auth0/organizations/enabled_connections/client.rb
index 3569ad35..4dcdfc26 100644
--- a/lib/auth0/organizations/enabled_connections/client.rb
+++ b/lib/auth0/organizations/enabled_connections/client.rb
@@ -68,8 +68,8 @@ def list(request_options: {}, **params)
# Enable a specific connection for a given Organization. To enable a connection, it must already exist within
# your tenant; connections cannot be created through this action.
#
- # Connections represent the relationship
- # between Auth0 and a source of users. Available types of connections include database, enterprise, and social.
+ # [Connections](https://auth0.com/docs/authenticate/identity-providers) represent the relationship between Auth0
+ # and a source of users. Available types of connections include database, enterprise, and social.
#
# @param request_options [Hash]
# @param params [Auth0::Organizations::EnabledConnections::Types::AddOrganizationConnectionRequestContent]
@@ -148,7 +148,7 @@ def get(request_options: {}, **params)
# Disable a specific connection for an Organization. Once disabled, Organization members can no longer use that
# connection to authenticate.
#
- # Note: This action does not remove the connection from your tenant.
+ # **Note**: This action does not remove the connection from your tenant.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/organizations/groups/client.rb b/lib/auth0/organizations/groups/client.rb
new file mode 100644
index 00000000..44e01f9a
--- /dev/null
+++ b/lib/auth0/organizations/groups/client.rb
@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Groups
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Lists the groups that are assigned to the specified organization.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :organization_id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ #
+ # @return [Auth0::Types::ListOrganizationGroupsResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :groups,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "organizations/#{URI.encode_uri_component(params[:organization_id].to_s)}/groups",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListOrganizationGroupsResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+
+ # @return [Auth0::Roles::Client]
+ def roles
+ @roles ||= Auth0::Organizations::Groups::Roles::Client.new(client: @client)
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/groups/roles/client.rb b/lib/auth0/organizations/groups/roles/client.rb
new file mode 100644
index 00000000..425800f3
--- /dev/null
+++ b/lib/auth0/organizations/groups/roles/client.rb
@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Groups
+ module Roles
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Lists the roles assigned to the specified group in the context of an organization.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :organization_id
+ # @option params [String] :group_id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ #
+ # @return [Auth0::Types::ListOrganizationGroupRolesResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :roles,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "organizations/#{URI.encode_uri_component(params[:organization_id].to_s)}/groups/#{URI.encode_uri_component(params[:group_id].to_s)}/roles",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListOrganizationGroupRolesResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+
+ # Assign one or more roles to a specified group in the context of an organization.
+ #
+ # @param request_options [Hash]
+ # @param params [Auth0::Organizations::Groups::Roles::Types::CreateOrganizationGroupRolesRequestContent]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :organization_id
+ # @option params [String] :group_id
+ #
+ # @return [untyped]
+ def create(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ request_data = Auth0::Organizations::Groups::Roles::Types::CreateOrganizationGroupRolesRequestContent.new(params).to_h
+ non_body_param_names = %w[organization_id group_id]
+ body = request_data.except(*non_body_param_names)
+
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "POST",
+ path: "organizations/#{URI.encode_uri_component(params[:organization_id].to_s)}/groups/#{URI.encode_uri_component(params[:group_id].to_s)}/roles",
+ body: body,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ return if code.between?(200, 299)
+
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+
+ # Unassign one or more roles from a specified group in the context of an organization.
+ #
+ # @param request_options [Hash]
+ # @param params [Auth0::Organizations::Groups::Roles::Types::DeleteOrganizationGroupRolesRequestContent]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :organization_id
+ # @option params [String] :group_id
+ #
+ # @return [untyped]
+ def delete(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ request_data = Auth0::Organizations::Groups::Roles::Types::DeleteOrganizationGroupRolesRequestContent.new(params).to_h
+ non_body_param_names = %w[organization_id group_id]
+ body = request_data.except(*non_body_param_names)
+
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "DELETE",
+ path: "organizations/#{URI.encode_uri_component(params[:organization_id].to_s)}/groups/#{URI.encode_uri_component(params[:group_id].to_s)}/roles",
+ body: body,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ return if code.between?(200, 299)
+
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/groups/roles/types/create_organization_group_roles_request_content.rb b/lib/auth0/organizations/groups/roles/types/create_organization_group_roles_request_content.rb
new file mode 100644
index 00000000..7d0dc7b1
--- /dev/null
+++ b/lib/auth0/organizations/groups/roles/types/create_organization_group_roles_request_content.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Groups
+ module Roles
+ module Types
+ class CreateOrganizationGroupRolesRequestContent < Internal::Types::Model
+ field :organization_id, -> { String }, optional: false, nullable: false
+
+ field :group_id, -> { String }, optional: false, nullable: false
+
+ field :roles, -> { Internal::Types::Array[String] }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content.rb b/lib/auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content.rb
new file mode 100644
index 00000000..77643dd0
--- /dev/null
+++ b/lib/auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Groups
+ module Roles
+ module Types
+ class DeleteOrganizationGroupRolesRequestContent < Internal::Types::Model
+ field :organization_id, -> { String }, optional: false, nullable: false
+
+ field :group_id, -> { String }, optional: false, nullable: false
+
+ field :roles, -> { Internal::Types::Array[String] }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters.rb b/lib/auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters.rb
new file mode 100644
index 00000000..30a3265a
--- /dev/null
+++ b/lib/auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Groups
+ module Roles
+ module Types
+ class ListOrganizationGroupRolesRequestParameters < Internal::Types::Model
+ field :organization_id, -> { String }, optional: false, nullable: false
+
+ field :group_id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/groups/types/list_organization_groups_request_parameters.rb b/lib/auth0/organizations/groups/types/list_organization_groups_request_parameters.rb
new file mode 100644
index 00000000..70addaaa
--- /dev/null
+++ b/lib/auth0/organizations/groups/types/list_organization_groups_request_parameters.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Groups
+ module Types
+ class ListOrganizationGroupsRequestParameters < Internal::Types::Model
+ field :organization_id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/invitations/client.rb b/lib/auth0/organizations/invitations/client.rb
index 0b996165..fa370ee0 100644
--- a/lib/auth0/organizations/invitations/client.rb
+++ b/lib/auth0/organizations/invitations/client.rb
@@ -13,9 +13,8 @@ def initialize(client:)
# Retrieve a detailed list of invitations sent to users for a specific Organization. The list includes details
# such as inviter and invitee information, invitation URLs, and dates of creation and expiration. To learn more
- # about Organization invitations, review Invite
- # Organization Members.
+ # about Organization invitations, review [Invite Organization
+ # Members](https://auth0.com/docs/manage-users/organizations/configure-organizations/invite-members).
#
# @param request_options [Hash]
# @param params [Hash]
@@ -74,9 +73,9 @@ def list(request_options: {}, **params)
end
# Create a user invitation for a specific Organization. Upon creation, the listed user receives an email
- # inviting them to join the Organization. To learn more about Organization invitations, review Invite
- # Organization Members.
+ # inviting them to join the Organization. To learn more about Organization invitations, review [Invite
+ # Organization
+ # Members](https://auth0.com/docs/manage-users/organizations/configure-organizations/invite-members).
#
# @param request_options [Hash]
# @param params [Auth0::Organizations::Invitations::Types::CreateOrganizationInvitationRequestContent]
diff --git a/lib/auth0/organizations/members/client.rb b/lib/auth0/organizations/members/client.rb
index 9213a220..c0535088 100644
--- a/lib/auth0/organizations/members/client.rb
+++ b/lib/auth0/organizations/members/client.rb
@@ -15,17 +15,10 @@ def initialize(client:)
# This endpoint is subject to eventual consistency. New users may not be immediately included in the response
# and deleted users may not be immediately removed from it.
#
- #
- # -
- # Use the
fields parameter to optionally define the specific member details retrieved. If
- # fields is left blank, all fields (except roles) are returned.
- #
- # -
- # Member roles are not sent by default. Use
fields=roles to retrieve the roles assigned to each
- # listed member. To use this parameter, you must include the read:organization_member_roles scope
- # in the token.
- #
- #
+ # - Use the `fields` parameter to optionally define the specific member details retrieved. If `fields` is left
+ # blank, all fields (except roles) are returned.
+ # - Member roles are not sent by default. Use `fields=roles` to retrieve the roles assigned to each listed
+ # member. To use this parameter, you must include the `read:organization_member_roles` scope in the token.
#
# This endpoint supports two types of pagination:
#
@@ -34,14 +27,13 @@ def initialize(client:)
#
# Checkpoint pagination must be used if you need to retrieve more than 1000 organization members.
#
- # Checkpoint Pagination
+ # **Checkpoint Pagination**
#
# To search by checkpoint, use the following parameters: - from: Optional id from which to start selection. -
# take: The total amount of entries to retrieve when using the from parameter. Defaults to 50. Note: The first
- # time you call this endpoint using Checkpoint Pagination, you should omit the from parameter. If
- # there are more results, a next value will be included in the response. You can use this for
- # subsequent API calls. When next is no longer included in the response, this indicates there are
- # no more pages remaining.
+ # time you call this endpoint using Checkpoint Pagination, you should omit the `from` parameter. If there are
+ # more results, a `next` value will be included in the response. You can use this for subsequent API calls. When
+ # `next` is no longer included in the response, this indicates there are no more pages remaining.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -94,13 +86,13 @@ def list(request_options: {}, **params)
end
end
- # Set one or more existing users as members of a specific Organization.
+ # Set one or more existing users as members of a specific
+ # [Organization](https://auth0.com/docs/manage-users/organizations).
#
# To add a user to an Organization through this action, the user must already exist in your tenant. If a user
- # does not yet exist, you can invite them to
- # create an account, manually create them through the Auth0 Dashboard, or use the Management API.
+ # does not yet exist, you can [invite them to create an
+ # account](https://auth0.com/docs/manage-users/organizations/configure-organizations/invite-members), manually
+ # create them through the Auth0 Dashboard, or use the Management API.
#
# @param request_options [Hash]
# @param params [Auth0::Organizations::Members::Types::CreateOrganizationMemberRequestContent]
@@ -172,6 +164,11 @@ def delete(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
+ # @return [Auth0::EffectiveRoles::Client]
+ def effective_roles
+ @effective_roles ||= Auth0::Organizations::Members::EffectiveRoles::Client.new(client: @client)
+ end
+
# @return [Auth0::Roles::Client]
def roles
@roles ||= Auth0::Organizations::Members::Roles::Client.new(client: @client)
diff --git a/lib/auth0/organizations/members/effective_roles/client.rb b/lib/auth0/organizations/members/effective_roles/client.rb
new file mode 100644
index 00000000..f37cdd2d
--- /dev/null
+++ b/lib/auth0/organizations/members/effective_roles/client.rb
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Members
+ module EffectiveRoles
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Lists the roles assigned to an organization member directly or through group membership.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ # @option params [String] :user_id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ #
+ # @return [Auth0::Types::ListOrganizationMemberEffectiveRolesResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :roles,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "organizations/#{URI.encode_uri_component(params[:id].to_s)}/members/#{URI.encode_uri_component(params[:user_id].to_s)}/effective-roles",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListOrganizationMemberEffectiveRolesResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+
+ # @return [Auth0::Sources::Client]
+ def sources
+ @sources ||= Auth0::Organizations::Members::EffectiveRoles::Sources::Client.new(client: @client)
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/members/effective_roles/sources/client.rb b/lib/auth0/organizations/members/effective_roles/sources/client.rb
new file mode 100644
index 00000000..70b51f78
--- /dev/null
+++ b/lib/auth0/organizations/members/effective_roles/sources/client.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Members
+ module EffectiveRoles
+ module Sources
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # @return [Auth0::Groups::Client]
+ def groups
+ @groups ||= Auth0::Organizations::Members::EffectiveRoles::Sources::Groups::Client.new(client: @client)
+ end
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/members/effective_roles/sources/groups/client.rb b/lib/auth0/organizations/members/effective_roles/sources/groups/client.rb
new file mode 100644
index 00000000..9fd2ad46
--- /dev/null
+++ b/lib/auth0/organizations/members/effective_roles/sources/groups/client.rb
@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Members
+ module EffectiveRoles
+ module Sources
+ module Groups
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Lists the groups which grant the org member a given role.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ # @option params [String] :user_id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ # @option params [String] :role_id
+ #
+ # @return [Auth0::Types::ListOrganizationMemberRoleSourceGroupsResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+ query_params["role_id"] = params[:role_id] if params.key?(:role_id)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :groups,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "organizations/#{URI.encode_uri_component(params[:id].to_s)}/members/#{URI.encode_uri_component(params[:user_id].to_s)}/effective-roles/sources/groups",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListOrganizationMemberRoleSourceGroupsResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+ end
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters.rb b/lib/auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters.rb
new file mode 100644
index 00000000..bb363fe8
--- /dev/null
+++ b/lib/auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Members
+ module EffectiveRoles
+ module Sources
+ module Groups
+ module Types
+ class ListOrganizationMemberRoleSourceGroupsRequestParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :user_id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+
+ field :role_id, -> { String }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters.rb b/lib/auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters.rb
new file mode 100644
index 00000000..0905487b
--- /dev/null
+++ b/lib/auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Organizations
+ module Members
+ module EffectiveRoles
+ module Types
+ class ListOrganizationMemberEffectiveRolesRequestParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :user_id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/organizations/members/roles/client.rb b/lib/auth0/organizations/members/roles/client.rb
index ec26635c..e48f7e01 100644
--- a/lib/auth0/organizations/members/roles/client.rb
+++ b/lib/auth0/organizations/members/roles/client.rb
@@ -69,8 +69,8 @@ def list(request_options: {}, **params)
end
end
- # Assign one or more roles to a user to
- # determine their access for a specific Organization.
+ # Assign one or more [roles](https://auth0.com/docs/manage-users/access-control/rbac) to a user to determine
+ # their access for a specific Organization.
#
# Users can be members of multiple Organizations with unique roles assigned for each membership. This action
# assigns roles to a user only for the specified Organization. Roles cannot be assigned to a user across
@@ -112,8 +112,8 @@ def assign(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
- # Remove one or more Organization-specific roles from a given user.
+ # Remove one or more Organization-specific [roles](https://auth0.com/docs/manage-users/access-control/rbac)
+ # from a given user.
#
# Users can be members of multiple Organizations with unique roles assigned for each membership. This action
# removes roles from a user in relation to the specified Organization. Roles assigned to the user within a
diff --git a/lib/auth0/roles/client.rb b/lib/auth0/roles/client.rb
index 35380ab1..ca204291 100644
--- a/lib/auth0/roles/client.rb
+++ b/lib/auth0/roles/client.rb
@@ -12,7 +12,7 @@ def initialize(client:)
# Retrieve detailed list of user roles created in your tenant.
#
- # Note: The returned list does not include standard roles available for tenant members, such as Admin or
+ # **Note**: The returned list does not include standard roles available for tenant members, such as Admin or
# Support Access.
#
# @param request_options [Hash]
@@ -66,11 +66,10 @@ def list(request_options: {}, **params)
end
end
- # Create a user role for Role-Based Access
- # Control.
+ # Create a user role for [Role-Based Access Control](https://auth0.com/docs/manage-users/access-control/rbac).
#
- # Note: New roles are not associated with any permissions by default. To assign existing permissions to
- # your role, review Associate Permissions with a Role. To create new permissions, review Add API Permissions.
+ # **Note**: New roles are not associated with any permissions by default. To assign existing permissions to your
+ # role, review Associate Permissions with a Role. To create new permissions, review Add API Permissions.
#
# @param request_options [Hash]
# @param params [Auth0::Roles::Types::CreateRoleRequestContent]
@@ -104,8 +103,8 @@ def create(request_options: {}, **params)
end
end
- # Retrieve details about a specific user
- # role specified by ID.
+ # Retrieve details about a specific [user role](https://auth0.com/docs/manage-users/access-control/rbac) specified
+ # by ID.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -139,9 +138,8 @@ def get(request_options: {}, **params)
end
end
- # Delete a specific user role from your
- # tenant. Once deleted, it is removed from any user who was previously assigned that role. This action cannot be
- # undone.
+ # Delete a specific [user role](https://auth0.com/docs/manage-users/access-control/rbac) from your tenant. Once
+ # deleted, it is removed from any user who was previously assigned that role. This action cannot be undone.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -173,8 +171,8 @@ def delete(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
- # Modify the details of a specific user role
- # specified by ID.
+ # Modify the details of a specific [user role](https://auth0.com/docs/manage-users/access-control/rbac) specified
+ # by ID.
#
# @param request_options [Hash]
# @param params [Auth0::Roles::Types::UpdateRoleRequestContent]
@@ -213,6 +211,11 @@ def update(request_options: {}, **params)
end
end
+ # @return [Auth0::Groups::Client]
+ def groups
+ @groups ||= Auth0::Roles::Groups::Client.new(client: @client)
+ end
+
# @return [Auth0::Permissions::Client]
def permissions
@permissions ||= Auth0::Roles::Permissions::Client.new(client: @client)
diff --git a/lib/auth0/roles/groups/client.rb b/lib/auth0/roles/groups/client.rb
new file mode 100644
index 00000000..b661dc33
--- /dev/null
+++ b/lib/auth0/roles/groups/client.rb
@@ -0,0 +1,139 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Roles
+ module Groups
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Lists the groups to which the specified role is assigned.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ #
+ # @return [Auth0::Types::ListRoleGroupsResponseContent]
+ def get(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :groups,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "roles/#{URI.encode_uri_component(params[:id].to_s)}/groups",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListRoleGroupsResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+
+ # Assign one or more groups to a specified role.
+ #
+ # @param request_options [Hash]
+ # @param params [Auth0::Roles::Groups::Types::AssignRoleGroupsRequestContent]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ #
+ # @return [untyped]
+ def create(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ request_data = Auth0::Roles::Groups::Types::AssignRoleGroupsRequestContent.new(params).to_h
+ non_body_param_names = %w[id]
+ body = request_data.except(*non_body_param_names)
+
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "POST",
+ path: "roles/#{URI.encode_uri_component(params[:id].to_s)}/groups",
+ body: body,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ return if code.between?(200, 299)
+
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+
+ # Unassign one or more groups from a specified role.
+ #
+ # @param request_options [Hash]
+ # @param params [Auth0::Roles::Groups::Types::DeleteRoleGroupsRequestContent]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ #
+ # @return [untyped]
+ def delete(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ request_data = Auth0::Roles::Groups::Types::DeleteRoleGroupsRequestContent.new(params).to_h
+ non_body_param_names = %w[id]
+ body = request_data.except(*non_body_param_names)
+
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "DELETE",
+ path: "roles/#{URI.encode_uri_component(params[:id].to_s)}/groups",
+ body: body,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ return if code.between?(200, 299)
+
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/roles/groups/types/assign_role_groups_request_content.rb b/lib/auth0/roles/groups/types/assign_role_groups_request_content.rb
new file mode 100644
index 00000000..68aa635b
--- /dev/null
+++ b/lib/auth0/roles/groups/types/assign_role_groups_request_content.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Roles
+ module Groups
+ module Types
+ class AssignRoleGroupsRequestContent < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :groups, -> { Internal::Types::Array[String] }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/roles/groups/types/delete_role_groups_request_content.rb b/lib/auth0/roles/groups/types/delete_role_groups_request_content.rb
new file mode 100644
index 00000000..cec08d47
--- /dev/null
+++ b/lib/auth0/roles/groups/types/delete_role_groups_request_content.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Roles
+ module Groups
+ module Types
+ class DeleteRoleGroupsRequestContent < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :groups, -> { Internal::Types::Array[String] }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/roles/groups/types/list_role_groups_parameters.rb b/lib/auth0/roles/groups/types/list_role_groups_parameters.rb
new file mode 100644
index 00000000..f8113cb8
--- /dev/null
+++ b/lib/auth0/roles/groups/types/list_role_groups_parameters.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Roles
+ module Groups
+ module Types
+ class ListRoleGroupsParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/roles/permissions/client.rb b/lib/auth0/roles/permissions/client.rb
index eb3133b6..1b5bedb5 100644
--- a/lib/auth0/roles/permissions/client.rb
+++ b/lib/auth0/roles/permissions/client.rb
@@ -63,9 +63,9 @@ def list(request_options: {}, **params)
end
end
- # Add one or more permissions
- # to a specified user role.
+ # Add one or more
+ # [permissions](https://auth0.com/docs/manage-users/access-control/configure-core-rbac/manage-permissions) to a
+ # specified user role.
#
# @param request_options [Hash]
# @param params [Auth0::Roles::Permissions::Types::AddRolePermissionsRequestContent]
@@ -102,9 +102,9 @@ def add(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
- # Remove one or more permissions
- # from a specified user role.
+ # Remove one or more
+ # [permissions](https://auth0.com/docs/manage-users/access-control/configure-core-rbac/manage-permissions) from
+ # a specified user role.
#
# @param request_options [Hash]
# @param params [Auth0::Roles::Permissions::Types::DeleteRolePermissionsRequestContent]
diff --git a/lib/auth0/roles/users/client.rb b/lib/auth0/roles/users/client.rb
index 410c7e24..11628408 100644
--- a/lib/auth0/roles/users/client.rb
+++ b/lib/auth0/roles/users/client.rb
@@ -11,31 +11,27 @@ def initialize(client:)
@client = client
end
- # Retrieve list of users associated with a specific role. For Dashboard instructions, review View
- # Users Assigned to Roles.
+ # Retrieve list of users associated with a specific role. For Dashboard instructions, review [View Users
+ # Assigned to
+ # Roles](https://auth0.com/docs/manage-users/access-control/configure-core-rbac/roles/view-users-assigned-to-roles).
#
# This endpoint supports two types of pagination:
- #
- # - Offset pagination
- # - Checkpoint pagination
- #
+ #
+ # - Offset pagination
+ # - Checkpoint pagination
#
# Checkpoint pagination must be used if you need to retrieve more than 1000 organization members.
#
- # Checkpoint Pagination
+ # **Checkpoint Pagination**
#
# To search by checkpoint, use the following parameters:
- #
- # from: Optional id from which to start selection.take: The total amount of entries to retrieve when using the from parameter. Defaults to
- # 50.
#
- # Note: The first time you call this endpoint using checkpoint pagination, omit the from
- # parameter. If there are more results, a next value is included in the response. You can use this
- # for subsequent API calls. When next is no longer included in the response, no pages are
- # remaining.
+ # - `from`: Optional id from which to start selection.
+ # - `take`: The total amount of entries to retrieve when using the from parameter. Defaults to 50.
+ #
+ # **Note**: The first time you call this endpoint using checkpoint pagination, omit the `from` parameter. If
+ # there are more results, a `next` value is included in the response. You can use this for subsequent API calls.
+ # When `next` is no longer included in the response, no pages are remaining.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -84,10 +80,10 @@ def list(request_options: {}, **params)
end
end
- # Assign one or more users to an existing user role. To learn more, review Role-Based Access Control.
+ # Assign one or more users to an existing user role. To learn more, review [Role-Based Access
+ # Control](https://auth0.com/docs/manage-users/access-control/rbac).
#
- # Note: New roles cannot be created through this action.
+ # **Note**: New roles cannot be created through this action.
#
# @param request_options [Hash]
# @param params [Auth0::Roles::Users::Types::AssignRoleUsersRequestContent]
diff --git a/lib/auth0/tenants/settings/types/update_tenant_settings_request_content.rb b/lib/auth0/tenants/settings/types/update_tenant_settings_request_content.rb
index f3f2bb09..92739bfa 100644
--- a/lib/auth0/tenants/settings/types/update_tenant_settings_request_content.rb
+++ b/lib/auth0/tenants/settings/types/update_tenant_settings_request_content.rb
@@ -76,6 +76,8 @@ class UpdateTenantSettingsRequestContent < Internal::Types::Model
field :phone_consolidated_experience, -> { Internal::Types::Boolean }, optional: true, nullable: false
field :dynamic_client_registration_security_mode, -> { Auth0::Types::TenantSettingsDynamicClientRegistrationSecurityMode }, optional: true, nullable: false
+
+ field :country_codes, -> { Auth0::Types::TenantSettingsCountryCodes }, optional: true, nullable: false
end
end
end
diff --git a/lib/auth0/token_exchange_profiles/client.rb b/lib/auth0/token_exchange_profiles/client.rb
index b1e02c3f..d95fe3f1 100644
--- a/lib/auth0/token_exchange_profiles/client.rb
+++ b/lib/auth0/token_exchange_profiles/client.rb
@@ -12,21 +12,18 @@ def initialize(client:)
# Retrieve a list of all Token Exchange Profiles available in your tenant.
#
- # By using this feature, you agree to the applicable Free Trial terms in Okta’s Master Subscription Agreement. It is your responsibility to
- # securely validate the user’s subject_token. See User Guide for more details.
+ # By using this feature, you agree to the applicable Free Trial terms in [Okta’s Master Subscription
+ # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user’s
+ # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details.
#
# This endpoint supports Checkpoint pagination. To search by checkpoint, use the following parameters:
- #
- # from: Optional id from which to start selection.take: The total amount of entries to retrieve when using the from parameter. Defaults to
- # 50.
#
- # Note: The first time you call this endpoint using checkpoint pagination, omit the from
- # parameter. If there are more results, a next value is included in the response. You can use this
- # for subsequent API calls. When next is no longer included in the response, no pages are remaining.
+ # - `from`: Optional id from which to start selection.
+ # - `take`: The total amount of entries to retrieve when using the from parameter. Defaults to 50.
+ #
+ # **Note**: The first time you call this endpoint using checkpoint pagination, omit the `from` parameter. If there
+ # are more results, a `next` value is included in the response. You can use this for subsequent API calls. When
+ # `next` is no longer included in the response, no pages are remaining.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -76,10 +73,9 @@ def list(request_options: {}, **params)
# Create a new Token Exchange Profile within your tenant.
#
- # By using this feature, you agree to the applicable Free Trial terms in Okta’s Master Subscription Agreement. It is your responsibility to
- # securely validate the user’s subject_token. See User Guide for more details.
+ # By using this feature, you agree to the applicable Free Trial terms in [Okta’s Master Subscription
+ # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user’s
+ # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details.
#
# @param request_options [Hash]
# @param params [Auth0::TokenExchangeProfiles::Types::CreateTokenExchangeProfileRequestContent]
@@ -115,10 +111,9 @@ def create(request_options: {}, **params)
# Retrieve details about a single Token Exchange Profile specified by ID.
#
- # By using this feature, you agree to the applicable Free Trial terms in Okta’s Master Subscription Agreement. It is your responsibility to
- # securely validate the user’s subject_token. See User Guide for more details.
+ # By using this feature, you agree to the applicable Free Trial terms in [Okta’s Master Subscription
+ # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user’s
+ # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -154,11 +149,9 @@ def get(request_options: {}, **params)
# Delete a Token Exchange Profile within your tenant.
#
- # By using this feature, you agree to the applicable Free Trial terms in Okta's Master Subscription Agreement. It is your responsibility to
- # securely validate the user's subject_token. See User Guide for more details.
- #
+ # By using this feature, you agree to the applicable Free Trial terms in [Okta's Master Subscription
+ # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user's
+ # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -192,11 +185,9 @@ def delete(request_options: {}, **params)
# Update a Token Exchange Profile within your tenant.
#
- # By using this feature, you agree to the applicable Free Trial terms in Okta's Master Subscription Agreement. It is your responsibility to
- # securely validate the user's subject_token. See User Guide for more details.
- #
+ # By using this feature, you agree to the applicable Free Trial terms in [Okta's Master Subscription
+ # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user's
+ # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details.
#
# @param request_options [Hash]
# @param params [Auth0::TokenExchangeProfiles::Types::UpdateTokenExchangeProfileRequestContent]
diff --git a/lib/auth0/types/client_external_metadata_type_enum.rb b/lib/auth0/types/client_external_metadata_type_enum.rb
index 02cdb36d..0e09fa6b 100644
--- a/lib/auth0/types/client_external_metadata_type_enum.rb
+++ b/lib/auth0/types/client_external_metadata_type_enum.rb
@@ -6,6 +6,7 @@ module ClientExternalMetadataTypeEnum
extend Auth0::Internal::Types::Enum
CIMD = "cimd"
+ DCR = "dcr"
end
end
end
diff --git a/lib/auth0/types/connection_properties_options.rb b/lib/auth0/types/connection_properties_options.rb
index ad722044..553eb44a 100644
--- a/lib/auth0/types/connection_properties_options.rb
+++ b/lib/auth0/types/connection_properties_options.rb
@@ -70,6 +70,8 @@ class ConnectionPropertiesOptions < Internal::Types::Model
field :id_token_signed_response_algs, -> { Internal::Types::Array[Auth0::Types::ConnectionIDTokenSignedResponseAlgEnum] }, optional: true, nullable: false
+ field :dpop_signing_alg, -> { Auth0::Types::ConnectionDpopSigningAlgEnum }, optional: true, nullable: false
+
field :token_endpoint_auth_method, -> { Auth0::Types::ConnectionTokenEndpointAuthMethodEnum }, optional: true, nullable: false
field :token_endpoint_auth_signing_alg, -> { Auth0::Types::ConnectionTokenEndpointAuthSigningAlgEnum }, optional: true, nullable: false
diff --git a/lib/auth0/types/get_tenant_settings_response_content.rb b/lib/auth0/types/get_tenant_settings_response_content.rb
index af213fcc..060e2ff0 100644
--- a/lib/auth0/types/get_tenant_settings_response_content.rb
+++ b/lib/auth0/types/get_tenant_settings_response_content.rb
@@ -76,6 +76,8 @@ class GetTenantSettingsResponseContent < Internal::Types::Model
field :enable_ai_guide, -> { Internal::Types::Boolean }, optional: true, nullable: false
field :dynamic_client_registration_security_mode, -> { Auth0::Types::TenantSettingsDynamicClientRegistrationSecurityMode }, optional: true, nullable: false
+
+ field :country_codes, -> { Auth0::Types::TenantSettingsCountryCodesResponse }, optional: true, nullable: false
end
end
end
diff --git a/lib/auth0/types/list_group_roles_response_content.rb b/lib/auth0/types/list_group_roles_response_content.rb
new file mode 100644
index 00000000..6496f976
--- /dev/null
+++ b/lib/auth0/types/list_group_roles_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListGroupRolesResponseContent < Internal::Types::Model
+ field :roles, -> { Internal::Types::Array[Auth0::Types::Role] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_organization_group_roles_response_content.rb b/lib/auth0/types/list_organization_group_roles_response_content.rb
new file mode 100644
index 00000000..81d0a884
--- /dev/null
+++ b/lib/auth0/types/list_organization_group_roles_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListOrganizationGroupRolesResponseContent < Internal::Types::Model
+ field :roles, -> { Internal::Types::Array[Auth0::Types::Role] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_organization_groups_response_content.rb b/lib/auth0/types/list_organization_groups_response_content.rb
new file mode 100644
index 00000000..ac197504
--- /dev/null
+++ b/lib/auth0/types/list_organization_groups_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListOrganizationGroupsResponseContent < Internal::Types::Model
+ field :groups, -> { Internal::Types::Array[Auth0::Types::Group] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_organization_member_effective_roles_response_content.rb b/lib/auth0/types/list_organization_member_effective_roles_response_content.rb
new file mode 100644
index 00000000..c8d4b1db
--- /dev/null
+++ b/lib/auth0/types/list_organization_member_effective_roles_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListOrganizationMemberEffectiveRolesResponseContent < Internal::Types::Model
+ field :roles, -> { Internal::Types::Array[Auth0::Types::OrganizationMemberEffectiveRole] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_organization_member_role_source_groups_response_content.rb b/lib/auth0/types/list_organization_member_role_source_groups_response_content.rb
new file mode 100644
index 00000000..bf1a2e7a
--- /dev/null
+++ b/lib/auth0/types/list_organization_member_role_source_groups_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListOrganizationMemberRoleSourceGroupsResponseContent < Internal::Types::Model
+ field :groups, -> { Internal::Types::Array[Auth0::Types::Group] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_role_groups_response_content.rb b/lib/auth0/types/list_role_groups_response_content.rb
new file mode 100644
index 00000000..20613539
--- /dev/null
+++ b/lib/auth0/types/list_role_groups_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListRoleGroupsResponseContent < Internal::Types::Model
+ field :groups, -> { Internal::Types::Array[Auth0::Types::Group] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_user_effective_permission_role_sources_response_content.rb b/lib/auth0/types/list_user_effective_permission_role_sources_response_content.rb
new file mode 100644
index 00000000..0dc5ad3d
--- /dev/null
+++ b/lib/auth0/types/list_user_effective_permission_role_sources_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListUserEffectivePermissionRoleSourcesResponseContent < Internal::Types::Model
+ field :roles, -> { Internal::Types::Array[Auth0::Types::UserEffectivePermissionRoleSourceResponseContent] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_user_effective_permissions_response_content.rb b/lib/auth0/types/list_user_effective_permissions_response_content.rb
new file mode 100644
index 00000000..d8e51248
--- /dev/null
+++ b/lib/auth0/types/list_user_effective_permissions_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListUserEffectivePermissionsResponseContent < Internal::Types::Model
+ field :permissions, -> { Internal::Types::Array[Auth0::Types::UserEffectivePermissionResponseContent] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_user_effective_roles_response_content.rb b/lib/auth0/types/list_user_effective_roles_response_content.rb
new file mode 100644
index 00000000..b198bbc5
--- /dev/null
+++ b/lib/auth0/types/list_user_effective_roles_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListUserEffectiveRolesResponseContent < Internal::Types::Model
+ field :roles, -> { Internal::Types::Array[Auth0::Types::UserEffectiveRole] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/list_user_role_source_groups_response_content.rb b/lib/auth0/types/list_user_role_source_groups_response_content.rb
new file mode 100644
index 00000000..c1a20628
--- /dev/null
+++ b/lib/auth0/types/list_user_role_source_groups_response_content.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class ListUserRoleSourceGroupsResponseContent < Internal::Types::Model
+ field :groups, -> { Internal::Types::Array[Auth0::Types::Group] }, optional: false, nullable: false
+
+ field :next_, -> { String }, optional: true, nullable: false, api_name: "next"
+ end
+ end
+end
diff --git a/lib/auth0/types/oauth_scope.rb b/lib/auth0/types/oauth_scope.rb
index 74fbcfe1..c559e595 100644
--- a/lib/auth0/types/oauth_scope.rb
+++ b/lib/auth0/types/oauth_scope.rb
@@ -104,6 +104,9 @@ module OauthScope
READ_GRANTS = "read:grants"
DELETE_GRANTS = "delete:grants"
READ_GROUP_MEMBERS = "read:group_members"
+ CREATE_GROUP_ROLES = "create:group_roles"
+ READ_GROUP_ROLES = "read:group_roles"
+ DELETE_GROUP_ROLES = "delete:group_roles"
READ_GROUPS = "read:groups"
DELETE_GROUPS = "delete:groups"
CREATE_GUARDIAN_ENROLLMENT_TICKETS = "create:guardian_enrollment_tickets"
@@ -138,9 +141,15 @@ module OauthScope
READ_ORGANIZATION_DISCOVERY_DOMAINS = "read:organization_discovery_domains"
UPDATE_ORGANIZATION_DISCOVERY_DOMAINS = "update:organization_discovery_domains"
DELETE_ORGANIZATION_DISCOVERY_DOMAINS = "delete:organization_discovery_domains"
+ CREATE_ORGANIZATION_GROUP_ROLES = "create:organization_group_roles"
+ READ_ORGANIZATION_GROUP_ROLES = "read:organization_group_roles"
+ DELETE_ORGANIZATION_GROUP_ROLES = "delete:organization_group_roles"
+ READ_ORGANIZATION_GROUPS = "read:organization_groups"
CREATE_ORGANIZATION_INVITATIONS = "create:organization_invitations"
READ_ORGANIZATION_INVITATIONS = "read:organization_invitations"
DELETE_ORGANIZATION_INVITATIONS = "delete:organization_invitations"
+ READ_ORGANIZATION_MEMBER_EFFECTIVE_ROLES = "read:organization_member_effective_roles"
+ READ_ORGANIZATION_MEMBER_ROLE_SOURCE_GROUPS = "read:organization_member_role_source_groups"
CREATE_ORGANIZATION_MEMBER_ROLES = "create:organization_member_roles"
READ_ORGANIZATION_MEMBER_ROLES = "read:organization_member_roles"
DELETE_ORGANIZATION_MEMBER_ROLES = "delete:organization_member_roles"
@@ -219,7 +228,11 @@ module OauthScope
READ_USER_ATTRIBUTE_PROFILES = "read:user_attribute_profiles"
UPDATE_USER_ATTRIBUTE_PROFILES = "update:user_attribute_profiles"
DELETE_USER_ATTRIBUTE_PROFILES = "delete:user_attribute_profiles"
+ READ_USER_EFFECTIVE_PERMISSIONS = "read:user_effective_permissions"
+ READ_USER_EFFECTIVE_ROLES = "read:user_effective_roles"
READ_USER_IDP_TOKENS = "read:user_idp_tokens"
+ READ_USER_PERMISSION_SOURCE_ROLES = "read:user_permission_source_roles"
+ READ_USER_ROLE_SOURCE_GROUPS = "read:user_role_source_groups"
CREATE_USER_TICKETS = "create:user_tickets"
CREATE_USERS = "create:users"
READ_USERS = "read:users"
diff --git a/lib/auth0/types/organization_member_effective_role.rb b/lib/auth0/types/organization_member_effective_role.rb
new file mode 100644
index 00000000..6cb8579a
--- /dev/null
+++ b/lib/auth0/types/organization_member_effective_role.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class OrganizationMemberEffectiveRole < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :name, -> { String }, optional: false, nullable: false
+
+ field :description, -> { String }, optional: false, nullable: false
+
+ field :sources, -> { Internal::Types::Array[Auth0::Types::OrganizationMemberEffectiveRoleSource] }, optional: false, nullable: false
+ end
+ end
+end
diff --git a/lib/auth0/types/organization_member_effective_role_source.rb b/lib/auth0/types/organization_member_effective_role_source.rb
new file mode 100644
index 00000000..a369248f
--- /dev/null
+++ b/lib/auth0/types/organization_member_effective_role_source.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ module OrganizationMemberEffectiveRoleSource
+ extend Auth0::Internal::Types::Enum
+
+ DIRECT = "direct"
+ GROUPS = "groups"
+ end
+ end
+end
diff --git a/lib/auth0/types/tenant_settings_country_codes.rb b/lib/auth0/types/tenant_settings_country_codes.rb
new file mode 100644
index 00000000..b73410b5
--- /dev/null
+++ b/lib/auth0/types/tenant_settings_country_codes.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ # Phone country code configuration for identifier input.
+ class TenantSettingsCountryCodes < Internal::Types::Model
+ field :list, -> { Internal::Types::Array[String] }, optional: true, nullable: false
+
+ field :mode, -> { Auth0::Types::TenantSettingsCountryCodesMode }, optional: true, nullable: false
+ end
+ end
+end
diff --git a/lib/auth0/types/tenant_settings_country_codes_mode.rb b/lib/auth0/types/tenant_settings_country_codes_mode.rb
new file mode 100644
index 00000000..2f68c143
--- /dev/null
+++ b/lib/auth0/types/tenant_settings_country_codes_mode.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ module TenantSettingsCountryCodesMode
+ extend Auth0::Internal::Types::Enum
+
+ ALLOW = "allow"
+ DENY = "deny"
+ end
+ end
+end
diff --git a/lib/auth0/types/tenant_settings_country_codes_mode_response.rb b/lib/auth0/types/tenant_settings_country_codes_mode_response.rb
new file mode 100644
index 00000000..4e2f792a
--- /dev/null
+++ b/lib/auth0/types/tenant_settings_country_codes_mode_response.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ module TenantSettingsCountryCodesModeResponse
+ extend Auth0::Internal::Types::Enum
+
+ ALLOW = "allow"
+ DENY = "deny"
+ end
+ end
+end
diff --git a/lib/auth0/types/tenant_settings_country_codes_response.rb b/lib/auth0/types/tenant_settings_country_codes_response.rb
new file mode 100644
index 00000000..9c993572
--- /dev/null
+++ b/lib/auth0/types/tenant_settings_country_codes_response.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ # Phone country code configuration for identifier input.
+ class TenantSettingsCountryCodesResponse < Internal::Types::Model
+ field :list, -> { Internal::Types::Array[String] }, optional: true, nullable: false
+
+ field :mode, -> { Auth0::Types::TenantSettingsCountryCodesModeResponse }, optional: true, nullable: false
+ end
+ end
+end
diff --git a/lib/auth0/types/update_connection_options.rb b/lib/auth0/types/update_connection_options.rb
index 672c6b79..e5ee5ebb 100644
--- a/lib/auth0/types/update_connection_options.rb
+++ b/lib/auth0/types/update_connection_options.rb
@@ -73,6 +73,8 @@ class UpdateConnectionOptions < Internal::Types::Model
field :id_token_signed_response_algs, -> { Internal::Types::Array[Auth0::Types::ConnectionIDTokenSignedResponseAlgEnum] }, optional: true, nullable: false
+ field :dpop_signing_alg, -> { Auth0::Types::ConnectionDpopSigningAlgEnum }, optional: true, nullable: false
+
field :token_endpoint_auth_method, -> { Auth0::Types::ConnectionTokenEndpointAuthMethodEnum }, optional: true, nullable: false
field :token_endpoint_auth_signing_alg, -> { Auth0::Types::ConnectionTokenEndpointAuthSigningAlgEnum }, optional: true, nullable: false
diff --git a/lib/auth0/types/update_tenant_settings_response_content.rb b/lib/auth0/types/update_tenant_settings_response_content.rb
index 6a155a83..09a6105f 100644
--- a/lib/auth0/types/update_tenant_settings_response_content.rb
+++ b/lib/auth0/types/update_tenant_settings_response_content.rb
@@ -76,6 +76,8 @@ class UpdateTenantSettingsResponseContent < Internal::Types::Model
field :enable_ai_guide, -> { Internal::Types::Boolean }, optional: true, nullable: false
field :dynamic_client_registration_security_mode, -> { Auth0::Types::TenantSettingsDynamicClientRegistrationSecurityMode }, optional: true, nullable: false
+
+ field :country_codes, -> { Auth0::Types::TenantSettingsCountryCodesResponse }, optional: true, nullable: false
end
end
end
diff --git a/lib/auth0/types/user_effective_permission_response_content.rb b/lib/auth0/types/user_effective_permission_response_content.rb
new file mode 100644
index 00000000..f8eaf9eb
--- /dev/null
+++ b/lib/auth0/types/user_effective_permission_response_content.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class UserEffectivePermissionResponseContent < Internal::Types::Model
+ field :resource_server_identifier, -> { String }, optional: true, nullable: false
+
+ field :permission_name, -> { String }, optional: true, nullable: false
+
+ field :resource_server_name, -> { String }, optional: true, nullable: false
+
+ field :description, -> { String }, optional: true, nullable: false
+
+ field :sources, -> { Internal::Types::Array[Auth0::Types::UserEffectivePermissionSourceEnum] }, optional: true, nullable: false
+ end
+ end
+end
diff --git a/lib/auth0/types/user_effective_permission_role_source_enum.rb b/lib/auth0/types/user_effective_permission_role_source_enum.rb
new file mode 100644
index 00000000..7046ccb5
--- /dev/null
+++ b/lib/auth0/types/user_effective_permission_role_source_enum.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ module UserEffectivePermissionRoleSourceEnum
+ extend Auth0::Internal::Types::Enum
+
+ DIRECT = "direct"
+ GROUPS = "groups"
+ end
+ end
+end
diff --git a/lib/auth0/types/user_effective_permission_role_source_response_content.rb b/lib/auth0/types/user_effective_permission_role_source_response_content.rb
new file mode 100644
index 00000000..7a78d47a
--- /dev/null
+++ b/lib/auth0/types/user_effective_permission_role_source_response_content.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class UserEffectivePermissionRoleSourceResponseContent < Internal::Types::Model
+ field :id, -> { String }, optional: true, nullable: false
+
+ field :name, -> { String }, optional: true, nullable: false
+
+ field :description, -> { String }, optional: true, nullable: false
+
+ field :sources, -> { Internal::Types::Array[Auth0::Types::UserEffectivePermissionRoleSourceEnum] }, optional: true, nullable: false
+ end
+ end
+end
diff --git a/lib/auth0/types/user_effective_permission_source_enum.rb b/lib/auth0/types/user_effective_permission_source_enum.rb
new file mode 100644
index 00000000..fe21ed72
--- /dev/null
+++ b/lib/auth0/types/user_effective_permission_source_enum.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ module UserEffectivePermissionSourceEnum
+ extend Auth0::Internal::Types::Enum
+
+ DIRECT = "direct"
+ ROLES = "roles"
+ end
+ end
+end
diff --git a/lib/auth0/types/user_effective_role.rb b/lib/auth0/types/user_effective_role.rb
new file mode 100644
index 00000000..949e2752
--- /dev/null
+++ b/lib/auth0/types/user_effective_role.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ class UserEffectiveRole < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :name, -> { String }, optional: false, nullable: false
+
+ field :description, -> { String }, optional: false, nullable: false
+
+ field :sources, -> { Internal::Types::Array[Auth0::Types::UserEffectiveRoleSource] }, optional: false, nullable: false
+ end
+ end
+end
diff --git a/lib/auth0/types/user_effective_role_source.rb b/lib/auth0/types/user_effective_role_source.rb
new file mode 100644
index 00000000..ce33f929
--- /dev/null
+++ b/lib/auth0/types/user_effective_role_source.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Types
+ module UserEffectiveRoleSource
+ extend Auth0::Internal::Types::Enum
+
+ DIRECT = "direct"
+ GROUPS = "groups"
+ end
+ end
+end
diff --git a/lib/auth0/user_attribute_profiles/client.rb b/lib/auth0/user_attribute_profiles/client.rb
index c8644431..725272f5 100644
--- a/lib/auth0/user_attribute_profiles/client.rb
+++ b/lib/auth0/user_attribute_profiles/client.rb
@@ -58,7 +58,7 @@ def list(request_options: {}, **params)
end
end
- # Create a User Attribute Profile
+ # Create a User Attribute Profile.
#
# @param request_options [Hash]
# @param params [Auth0::UserAttributeProfiles::Types::CreateUserAttributeProfileRequestContent]
diff --git a/lib/auth0/user_blocks/client.rb b/lib/auth0/user_blocks/client.rb
index c90b0dd1..5f3e111b 100644
--- a/lib/auth0/user_blocks/client.rb
+++ b/lib/auth0/user_blocks/client.rb
@@ -10,9 +10,9 @@ def initialize(client:)
@client = client
end
- # Retrieve details of all Brute-force Protection blocks
- # for a user with the given identifier (username, phone number, or email).
+ # Retrieve details of all [Brute-force
+ # Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection) blocks for a user with the
+ # given identifier (username, phone number, or email).
#
# @param request_options [Hash]
# @param params [Hash]
@@ -52,11 +52,11 @@ def list_by_identifier(request_options: {}, **params)
end
end
- # Remove all Brute-force
- # Protection blocks for the user with the given identifier (username, phone number, or email).
+ # Remove all [Brute-force Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection)
+ # blocks for the user with the given identifier (username, phone number, or email).
#
- # Note: This endpoint does not unblock users that were blocked by a tenant administrator.
+ # Note: This endpoint does not unblock users that were [blocked by a tenant
+ # administrator](https://auth0.com/docs/user-profile#block-and-unblock-a-user).
#
# @param request_options [Hash]
# @param params [Hash]
@@ -92,9 +92,9 @@ def delete_by_identifier(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
- # Retrieve details of all Brute-force Protection blocks
- # for the user with the given ID.
+ # Retrieve details of all [Brute-force
+ # Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection) blocks for the user with the
+ # given ID.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -133,11 +133,11 @@ def list(request_options: {}, **params)
end
end
- # Remove all Brute-force
- # Protection blocks for the user with the given ID.
+ # Remove all [Brute-force Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection)
+ # blocks for the user with the given ID.
#
- # Note: This endpoint does not unblock users that were blocked by a tenant administrator.
+ # Note: This endpoint does not unblock users that were [blocked by a tenant
+ # administrator](https://auth0.com/docs/user-profile#block-and-unblock-a-user).
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/user_grants/client.rb b/lib/auth0/user_grants/client.rb
index a0bc4068..7ad57892 100644
--- a/lib/auth0/user_grants/client.rb
+++ b/lib/auth0/user_grants/client.rb
@@ -10,8 +10,7 @@ def initialize(client:)
@client = client
end
- # Retrieve the grants associated with your
- # account.
+ # Retrieve the [grants](https://auth0.com/docs/api-auth/which-oauth-flow-to-use) associated with your account.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/users/authenticators/client.rb b/lib/auth0/users/authenticators/client.rb
index 9c9aa6c1..2b3ebb47 100644
--- a/lib/auth0/users/authenticators/client.rb
+++ b/lib/auth0/users/authenticators/client.rb
@@ -12,9 +12,8 @@ def initialize(client:)
end
# Remove all authenticators registered to a given user ID, such as OTP, email, phone, and push-notification.
- # This action cannot be undone. For more information, review Manage
- # Authentication Methods with Management API.
+ # This action cannot be undone. For more information, review [Manage Authentication Methods with Management
+ # API](https://auth0.com/docs/secure/multi-factor-authentication/manage-mfa-auth0-apis/manage-authentication-methods-with-management-api).
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/users/client.rb b/lib/auth0/users/client.rb
index a4adc6b7..b1d4bacb 100644
--- a/lib/auth0/users/client.rb
+++ b/lib/auth0/users/client.rb
@@ -16,18 +16,22 @@ def initialize(client:)
# - Sort the users to be returned
# - Select the fields to be returned
# - Specify the number of users to retrieve per page and the page index
- #
- # The q query parameter can be used to get users that match the specified criteria using query string syntax.
#
- # Learn more about searching for users.
#
- # Read about best practices when working with the
- # API endpoints for retrieving users.
+ #
+ # The `q` query parameter can be used to get users that match the specified criteria [using query string
+ # syntax.](https://auth0.com/docs/users/search/v3/query-syntax)
+ #
+ # [Learn more about searching for users.](https://auth0.com/docs/users/search/v3)
+ #
+ # Read about [best practices](https://auth0.com/docs/users/search/best-practices) when working with the API
+ # endpoints for retrieving users.
+ #
+ #
#
# Auth0 limits the number of users you can return. If you exceed this threshold, please redefine your search, use
- # the export job, or the User Import / Export extension.
+ # the [export job](https://auth0.com/docs/api/management/v2#!/Jobs/post_users_exports), or the [User Import /
+ # Export](https://auth0.com/docs/extensions/user-import-export) extension.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -92,11 +96,11 @@ def list(request_options: {}, **params)
end
end
- # Create a new user for a given database or passwordless connection.
+ # Create a new user for a given [database](https://auth0.com/docs/connections/database) or
+ # [passwordless](https://auth0.com/docs/connections/passwordless) connection.
#
- # Note: connection is required but other parameters such as email and
- # password are dependent upon the type of connection.
+ # Note: `connection` is required but other parameters such as `email` and `password` are dependent upon the type
+ # of connection.
#
# @param request_options [Hash]
# @param params [Auth0::Users::Types::CreateUserRequestContent]
@@ -178,8 +182,8 @@ def list_users_by_email(request_options: {}, **params)
end
# Retrieve user details. A list of fields to include or exclude may also be specified. For more information, see
- # Retrieve Users
- # with the Get Users Endpoint.
+ # [Retrieve Users with the Get Users
+ # Endpoint](https://auth0.com/docs/manage-users/user-search/retrieve-users-with-get-users-endpoint).
#
# @param request_options [Hash]
# @param params [Hash]
@@ -220,8 +224,8 @@ def get(request_options: {}, **params)
end
end
- # Delete a user by user ID. This action cannot be undone. For Auth0 Dashboard instructions, see Delete Users.
+ # Delete a user by user ID. This action cannot be undone. For Auth0 Dashboard instructions, see [Delete
+ # Users](https://auth0.com/docs/manage-users/user-accounts/delete-users).
#
# @param request_options [Hash]
# @param params [Hash]
@@ -257,75 +261,90 @@ def delete(request_options: {}, **params)
#
# These are the attributes that can be updated at the root level:
#
- #
- # - app_metadata
- # - blocked
- # - email
- # - email_verified
- # - family_name
- # - given_name
- # - name
- # - nickname
- # - password
- # - phone_number
- # - phone_verified
- # - picture
- # - username
- # - user_metadata
- # - verify_email
- #
+ # - app_metadata
+ # - blocked
+ # - email
+ # - email_verified
+ # - family_name
+ # - given_name
+ # - name
+ # - nickname
+ # - password
+ # - phone_number
+ # - phone_verified
+ # - picture
+ # - username
+ # - user_metadata
+ # - verify_email
#
# Some considerations:
- #
- # - The properties of the new object will replace the old ones.
- # - The metadata fields are an exception to this rule (
user_metadata and
- # app_metadata). These properties are merged instead of being replaced but be careful, the merge only
- # occurs on the first level.
- # - If you are updating
email, email_verified, phone_number,
- # phone_verified, username or password of a secondary identity, you need to
- # specify the connection property too.
- # - If you are updating
email or phone_number you can specify, optionally, the
- # client_id property.
- # - Updating
email_verified is not supported for enterprise and passwordless sms connections.
- # - Updating the
blocked to false does not affect the user's blocked state from an
- # excessive amount of incorrectly provided credentials. Use the "Unblock a user" endpoint from the "User Blocks"
- # API to change the user's state.
- # - Supported attributes can be unset by supplying
null as the value.
- #
- #
- # Updating a field (non-metadata property)
+ #
+ # - The properties of the new object will replace the old ones.
+ # - The metadata fields are an exception to this rule (`user_metadata` and `app_metadata`). These properties are
+ # merged instead of being replaced but be careful, the merge only occurs on the first level.
+ # - If you are updating `email`, `email_verified`, `phone_number`, `phone_verified`, `username` or `password` of a
+ # secondary identity, you need to specify the `connection` property too.
+ # - If you are updating `email` or `phone_number` you can specify, optionally, the `client_id` property.
+ # - Updating `email_verified` is not supported for enterprise and passwordless sms connections.
+ # - Updating the `blocked` to `false` does not affect the user's blocked state from an excessive amount of
+ # incorrectly provided credentials. Use the "Unblock a user" endpoint from the "User Blocks" API to change the
+ # user's state.
+ # - Supported attributes can be unset by supplying `null` as the value.
+ #
+ # **Updating a field (non-metadata property)**
+ #
# To mark the email address of a user as verified, the body to send should be:
- # { "email_verified": true }
#
- # Updating a user metadata root property
Let's assume that our test user has the following
- # user_metadata:
- # { "user_metadata" : { "profileCode": 1479 } }
+ # ```json
+ # { "email_verified": true }
+ # ```
+ #
+ # **Updating a user metadata root property**
+ #
+ # Let's assume that our test user has the following `user_metadata`:
#
- # To add the field addresses the body to send should be:
- # { "user_metadata" : { "addresses": {"work_address": "100 Industrial Way"} }}
+ # ```json
+ # { "user_metadata" : { "profileCode": 1479 } }
+ # ```
#
- # The modified object ends up with the following user_metadata property:{
+ # To add the field `addresses` the body to send should be:
+ #
+ # ```json
+ # { "user_metadata" : { "addresses": {"work_address": "100 Industrial Way"} }}
+ # ```
+ #
+ # The modified object ends up with the following `user_metadata` property:
+ #
+ # ```json
+ # {
# "user_metadata": {
# "profileCode": 1479,
# "addresses": { "work_address": "100 Industrial Way" }
# }
- # }
+ # }
+ # ```
+ #
+ # **Updating an inner user metadata property**
+ #
+ # If there's existing user metadata to which we want to add `"home_address": "742 Evergreen Terrace"` (using the
+ # `addresses` property) we should send the whole `addresses` object. Since this is a first-level object, the
+ # object will be merged in, but its own properties will not be. The body to send should be:
#
- # Updating an inner user metadata property
If there's existing user metadata to which we want to add
- # "home_address": "742 Evergreen Terrace" (using the addresses property) we should send
- # the whole addresses object. Since this is a first-level object, the object will be merged in, but
- # its own properties will not be. The body to send should be:
- # {
+ # ```json
+ # {
# "user_metadata": {
# "addresses": {
# "work_address": "100 Industrial Way",
# "home_address": "742 Evergreen Terrace"
# }
# }
- # }
+ # }
+ # ```
#
- # The modified object ends up with the following user_metadata property:
- # {
+ # The modified object ends up with the following `user_metadata` property:
+ #
+ # ```json
+ # {
# "user_metadata": {
# "profileCode": 1479,
# "addresses": {
@@ -333,7 +352,8 @@ def delete(request_options: {}, **params)
# "home_address": "742 Evergreen Terrace"
# }
# }
- # }
+ # }
+ # ```
#
# @param request_options [Hash]
# @param params [Auth0::Users::Types::UpdateUserRequestContent]
@@ -372,10 +392,10 @@ def update(request_options: {}, **params)
end
end
- # Remove an existing multi-factor authentication (MFA) recovery code and generate a
- # new one. If a user cannot access the original device or account used for MFA enrollment, they can use a recovery
- # code to authenticate.
+ # Remove an existing multi-factor authentication (MFA) [recovery
+ # code](https://auth0.com/docs/secure/multi-factor-authentication/reset-user-mfa) and generate a new one. If a
+ # user cannot access the original device or account used for MFA enrollment, they can use a recovery code to
+ # authenticate.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -461,6 +481,16 @@ def connected_accounts
@connected_accounts ||= Auth0::Users::ConnectedAccounts::Client.new(client: @client)
end
+ # @return [Auth0::EffectivePermissions::Client]
+ def effective_permissions
+ @effective_permissions ||= Auth0::Users::EffectivePermissions::Client.new(client: @client)
+ end
+
+ # @return [Auth0::EffectiveRoles::Client]
+ def effective_roles
+ @effective_roles ||= Auth0::Users::EffectiveRoles::Client.new(client: @client)
+ end
+
# @return [Auth0::Enrollments::Client]
def enrollments
@enrollments ||= Auth0::Users::Enrollments::Client.new(client: @client)
diff --git a/lib/auth0/users/effective_permissions/client.rb b/lib/auth0/users/effective_permissions/client.rb
new file mode 100644
index 00000000..23173a11
--- /dev/null
+++ b/lib/auth0/users/effective_permissions/client.rb
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectivePermissions
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Returns the list of effective permissions for a user, taking into account permissions granted directly to the
+ # user, as well as those inherited through roles and group memberships.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ # @option params [String] :resource_server_identifier
+ #
+ # @return [Auth0::Types::ListUserEffectivePermissionsResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+ query_params["resource_server_identifier"] = params[:resource_server_identifier] if params.key?(:resource_server_identifier)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :permissions,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "users/#{URI.encode_uri_component(params[:id].to_s)}/effective-permissions",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListUserEffectivePermissionsResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+
+ # @return [Auth0::Sources::Client]
+ def sources
+ @sources ||= Auth0::Users::EffectivePermissions::Sources::Client.new(client: @client)
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_permissions/sources/client.rb b/lib/auth0/users/effective_permissions/sources/client.rb
new file mode 100644
index 00000000..f8136d26
--- /dev/null
+++ b/lib/auth0/users/effective_permissions/sources/client.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectivePermissions
+ module Sources
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # @return [Auth0::Roles::Client]
+ def roles
+ @roles ||= Auth0::Users::EffectivePermissions::Sources::Roles::Client.new(client: @client)
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_permissions/sources/roles/client.rb b/lib/auth0/users/effective_permissions/sources/roles/client.rb
new file mode 100644
index 00000000..0607cc3e
--- /dev/null
+++ b/lib/auth0/users/effective_permissions/sources/roles/client.rb
@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectivePermissions
+ module Sources
+ module Roles
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Lists the roles which grant the user a given permission, including roles assigned directly to the user and
+ # those inherited through group memberships.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ # @option params [String] :resource_server_identifier
+ # @option params [String] :permission_name
+ #
+ # @return [Auth0::Types::ListUserEffectivePermissionRoleSourcesResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+ query_params["resource_server_identifier"] = params[:resource_server_identifier] if params.key?(:resource_server_identifier)
+ query_params["permission_name"] = params[:permission_name] if params.key?(:permission_name)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :roles,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "users/#{URI.encode_uri_component(params[:id].to_s)}/effective-permissions/sources/effective-roles",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListUserEffectivePermissionRoleSourcesResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters.rb b/lib/auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters.rb
new file mode 100644
index 00000000..f67218a8
--- /dev/null
+++ b/lib/auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectivePermissions
+ module Sources
+ module Roles
+ module Types
+ class ListUserEffectivePermissionRoleSourceRequestParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+
+ field :resource_server_identifier, -> { String }, optional: false, nullable: false
+
+ field :permission_name, -> { String }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters.rb b/lib/auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters.rb
new file mode 100644
index 00000000..4f374142
--- /dev/null
+++ b/lib/auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectivePermissions
+ module Types
+ class ListUserEffectivePermissionsRequestParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+
+ field :resource_server_identifier, -> { String }, optional: false, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_roles/client.rb b/lib/auth0/users/effective_roles/client.rb
new file mode 100644
index 00000000..fbcdaeb2
--- /dev/null
+++ b/lib/auth0/users/effective_roles/client.rb
@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectiveRoles
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Retrieve detailed list of effective roles for a user, including roles assigned directly and through group
+ # memberships.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ #
+ # @return [Auth0::Types::ListUserEffectiveRolesResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :roles,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "users/#{URI.encode_uri_component(params[:id].to_s)}/effective-roles",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListUserEffectiveRolesResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+
+ # @return [Auth0::Sources::Client]
+ def sources
+ @sources ||= Auth0::Users::EffectiveRoles::Sources::Client.new(client: @client)
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_roles/sources/client.rb b/lib/auth0/users/effective_roles/sources/client.rb
new file mode 100644
index 00000000..9980ff9f
--- /dev/null
+++ b/lib/auth0/users/effective_roles/sources/client.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectiveRoles
+ module Sources
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # @return [Auth0::Groups::Client]
+ def groups
+ @groups ||= Auth0::Users::EffectiveRoles::Sources::Groups::Client.new(client: @client)
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_roles/sources/groups/client.rb b/lib/auth0/users/effective_roles/sources/groups/client.rb
new file mode 100644
index 00000000..6e6369c5
--- /dev/null
+++ b/lib/auth0/users/effective_roles/sources/groups/client.rb
@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectiveRoles
+ module Sources
+ module Groups
+ class Client
+ # @param client [Auth0::Internal::Http::RawClient]
+ #
+ # @return [void]
+ def initialize(client:)
+ @client = client
+ end
+
+ # Lists the groups that grant a user a specific role.
+ #
+ # @param request_options [Hash]
+ # @param params [Hash]
+ # @option request_options [String] :base_url
+ # @option request_options [Hash{String => Object}] :additional_headers
+ # @option request_options [Hash{String => Object}] :additional_query_parameters
+ # @option request_options [Hash{String => Object}] :additional_body_parameters
+ # @option request_options [Integer] :timeout_in_seconds
+ # @option params [String] :id
+ # @option params [String] :role_id
+ # @option params [String, nil] :from
+ # @option params [Integer, nil] :take
+ #
+ # @return [Auth0::Types::ListUserRoleSourceGroupsResponseContent]
+ def list(request_options: {}, **params)
+ params = Auth0::Internal::Types::Utils.normalize_keys(params)
+ query_params = {}
+ query_params["role_id"] = params[:role_id] if params.key?(:role_id)
+ query_params["from"] = params[:from] if params.key?(:from)
+ query_params["take"] = params.fetch(:take, 50)
+
+ Auth0::Internal::CursorItemIterator.new(
+ cursor_field: :next_,
+ item_field: :groups,
+ initial_cursor: query_params["from"]
+ ) do |next_cursor|
+ query_params["from"] = next_cursor
+ request = Auth0::Internal::JSON::Request.new(
+ base_url: request_options[:base_url],
+ method: "GET",
+ path: "users/#{URI.encode_uri_component(params[:id].to_s)}/effective-roles/sources/groups",
+ query: query_params,
+ request_options: request_options
+ )
+ begin
+ response = @client.send(request)
+ rescue Net::HTTPRequestTimeout
+ raise Auth0::Errors::TimeoutError
+ end
+ code = response.code.to_i
+ if code.between?(200, 299)
+ parsed_response = Auth0::Types::ListUserRoleSourceGroupsResponseContent.load(response.body)
+ [parsed_response, response]
+ else
+ error_class = Auth0::Errors::ResponseError.subclass_for_code(code)
+ raise error_class.new(response.body, code: code)
+ end
+ end
+ end
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters.rb b/lib/auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters.rb
new file mode 100644
index 00000000..6e72ae54
--- /dev/null
+++ b/lib/auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectiveRoles
+ module Sources
+ module Groups
+ module Types
+ class ListUserRoleSourceGroupsRequestParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :role_id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+ end
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/effective_roles/types/list_user_effective_roles_request_parameters.rb b/lib/auth0/users/effective_roles/types/list_user_effective_roles_request_parameters.rb
new file mode 100644
index 00000000..3919e4dc
--- /dev/null
+++ b/lib/auth0/users/effective_roles/types/list_user_effective_roles_request_parameters.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Auth0
+ module Users
+ module EffectiveRoles
+ module Types
+ class ListUserEffectiveRolesRequestParameters < Internal::Types::Model
+ field :id, -> { String }, optional: false, nullable: false
+
+ field :from, -> { String }, optional: true, nullable: false
+
+ field :take, -> { Integer }, optional: true, nullable: false
+ end
+ end
+ end
+ end
+end
diff --git a/lib/auth0/users/enrollments/client.rb b/lib/auth0/users/enrollments/client.rb
index 996329b7..752bdd6f 100644
--- a/lib/auth0/users/enrollments/client.rb
+++ b/lib/auth0/users/enrollments/client.rb
@@ -11,9 +11,9 @@ def initialize(client:)
@client = client
end
- # Retrieve the first multi-factor
- # authentication enrollment that a specific user has confirmed.
+ # Retrieve the first [multi-factor
+ # authentication](https://auth0.com/docs/secure/multi-factor-authentication/multi-factor-authentication-factors)
+ # enrollment that a specific user has confirmed.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/users/identities/client.rb b/lib/auth0/users/identities/client.rb
index 003cc24c..349df52f 100644
--- a/lib/auth0/users/identities/client.rb
+++ b/lib/auth0/users/identities/client.rb
@@ -16,34 +16,35 @@ def initialize(client:)
#
# Note: There are two ways of invoking the endpoint:
#
- #
- # - With the authenticated primary account's JWT in the Authorization header, which has the
- #
update:current_user_identities scope:
- #
- # POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities
- # Authorization: "Bearer PRIMARY_ACCOUNT_JWT"
- # {
- # "link_with": "SECONDARY_ACCOUNT_JWT"
- # }
- #
- # In this case, only the link_with param is required in the body, which also contains the JWT
- # obtained upon the secondary account's authentication.
- #
- # - With a token generated by the API V2 containing the
update:users scope:
- #
- # POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities
- # Authorization: "Bearer YOUR_API_V2_TOKEN"
- # {
- # "provider": "SECONDARY_ACCOUNT_PROVIDER",
- # "connection_id": "SECONDARY_ACCOUNT_CONNECTION_ID(OPTIONAL)",
- # "user_id": "SECONDARY_ACCOUNT_USER_ID"
- # }
- #
- # In this case you need to send provider and user_id in the body. Optionally you can
- # also send the connection_id param which is suitable for identifying a particular database
- # connection for the 'auth0' provider.
- #
- #
+ # - With the authenticated primary account's JWT in the Authorization header, which has the
+ # `update:current_user_identities` scope:
+ #
+ # ```http
+ # POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities
+ # Authorization: "Bearer PRIMARY_ACCOUNT_JWT"
+ # {
+ # "link_with": "SECONDARY_ACCOUNT_JWT"
+ # }
+ # ```
+ #
+ # In this case, only the `link_with` param is required in the body, which also contains the JWT obtained upon
+ # the secondary account's authentication.
+ #
+ # - With a token generated by the API V2 containing the `update:users` scope:
+ #
+ # ```http
+ # POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities
+ # Authorization: "Bearer YOUR_API_V2_TOKEN"
+ # {
+ # "provider": "SECONDARY_ACCOUNT_PROVIDER",
+ # "connection_id": "SECONDARY_ACCOUNT_CONNECTION_ID(OPTIONAL)",
+ # "user_id": "SECONDARY_ACCOUNT_USER_ID"
+ # }
+ # ```
+ #
+ # In this case you need to send `provider` and `user_id` in the body. Optionally you can also send the
+ # `connection_id` param which is suitable for identifying a particular database connection for the 'auth0'
+ # provider.
#
# @param request_options [Hash]
# @param params [Auth0::Users::Identities::Types::LinkUserIdentityRequestContent]
@@ -84,9 +85,8 @@ def link(request_options: {}, **params)
# and the secondary account.
#
# Unlinking the secondary account removes it from the identities array of the target user and creates a new
- # standalone profile for the secondary account. To learn more, review Unlink User
- # Accounts.
+ # standalone profile for the secondary account. To learn more, review [Unlink User
+ # Accounts](https://auth0.com/docs/manage-users/user-accounts/user-account-linking/unlink-user-accounts).
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/users/multifactor/client.rb b/lib/auth0/users/multifactor/client.rb
index 06fce51d..79587fc0 100644
--- a/lib/auth0/users/multifactor/client.rb
+++ b/lib/auth0/users/multifactor/client.rb
@@ -11,8 +11,8 @@ def initialize(client:)
@client = client
end
- # Invalidate all remembered browsers across all authentication factors for a user.
+ # Invalidate all remembered browsers across all [authentication
+ # factors](https://auth0.com/docs/multifactor-authentication) for a user.
#
# @param request_options [Hash]
# @param params [Hash]
@@ -44,8 +44,8 @@ def invalidate_remember_browser(request_options: {}, **params)
raise error_class.new(response.body, code: code)
end
- # Remove a multifactor authentication
- # configuration from a user's account. This forces the user to manually reconfigure the multi-factor provider.
+ # Remove a [multifactor](https://auth0.com/docs/multifactor-authentication) authentication configuration from a
+ # user's account. This forces the user to manually reconfigure the multi-factor provider.
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/users/organizations/client.rb b/lib/auth0/users/organizations/client.rb
index b3637e76..49d31224 100644
--- a/lib/auth0/users/organizations/client.rb
+++ b/lib/auth0/users/organizations/client.rb
@@ -12,7 +12,7 @@ def initialize(client:)
end
# Retrieve list of the specified user's current Organization memberships. User must be specified by user ID. For
- # more information, review Auth0 Organizations.
+ # more information, review [Auth0 Organizations](https://auth0.com/docs/manage-users/organizations).
#
# @param request_options [Hash]
# @param params [Hash]
diff --git a/lib/auth0/users/roles/client.rb b/lib/auth0/users/roles/client.rb
index 32b238f4..c948a452 100644
--- a/lib/auth0/users/roles/client.rb
+++ b/lib/auth0/users/roles/client.rb
@@ -13,10 +13,9 @@ def initialize(client:)
# Retrieve detailed list of all user roles currently assigned to a user.
#
- # Note: This action retrieves all roles assigned to a user in the context of your whole tenant. To
- # retrieve Organization-specific roles, use the following endpoint: Get user roles
- # assigned to an Organization member.
+ # **Note**: This action retrieves all roles assigned to a user in the context of your whole tenant. To retrieve
+ # Organization-specific roles, use the following endpoint: [Get user roles assigned to an Organization
+ # member](https://auth0.com/docs/api/management/v2/organizations/get-organization-member-roles).
#
# @param request_options [Hash]
# @param params [Hash]
@@ -68,14 +67,13 @@ def list(request_options: {}, **params)
end
end
- # Assign one or more existing user roles to a user. For more information, review Role-Based Access Control.
+ # Assign one or more existing user roles to a user. For more information, review [Role-Based Access
+ # Control](https://auth0.com/docs/manage-users/access-control/rbac).
#
- # Note: New roles cannot be created through this action. Additionally, this action is used to assign
- # roles to a user in the context of your whole tenant. To assign roles in the context of a specific
- # Organization, use the following endpoint: Assign user roles
- # to an Organization member.
+ # **Note**: New roles cannot be created through this action. Additionally, this action is used to assign roles
+ # to a user in the context of your whole tenant. To assign roles in the context of a specific Organization, use
+ # the following endpoint: [Assign user roles to an Organization
+ # member](https://auth0.com/docs/api/management/v2/organizations/post-organization-member-roles).
#
# @param request_options [Hash]
# @param params [Auth0::Users::Roles::Types::AssignUserRolesRequestContent]
@@ -114,10 +112,10 @@ def assign(request_options: {}, **params)
# Remove one or more specified user roles assigned to a user.
#
- # Note: This action removes a role from a user in the context of your whole tenant. If you want to
- # unassign a role from a user in the context of a specific Organization, use the following endpoint: Delete user
- # roles from an Organization member.
+ # **Note**: This action removes a role from a user in the context of your whole tenant. If you want to unassign
+ # a role from a user in the context of a specific Organization, use the following endpoint: [Delete user roles
+ # from an Organization
+ # member](https://auth0.com/docs/api/management/v2/organizations/delete-organization-member-roles).
#
# @param request_options [Hash]
# @param params [Auth0::Users::Roles::Types::DeleteUserRolesRequestContent]