From dfa7f303d132d05617b2467dfee1d4290dfe8988 Mon Sep 17 00:00:00 2001 From: fern-api <115122769+fern-api[bot]@users.noreply.github.com> Date: Thu, 28 May 2026 11:59:11 +0000 Subject: [PATCH] SDK regeneration --- .fern/metadata.json | 7 +- lib/auth0.rb | 53 +++++- lib/auth0/client_grants/client.rb | 22 +-- lib/auth0/clients/client.rb | 178 ++++++++---------- lib/auth0/clients/connections/client.rb | 22 +-- lib/auth0/clients/credentials/client.rb | 77 +++++--- .../connections/scim_configuration/client.rb | 8 +- .../scim_configuration/tokens/client.rb | 4 +- lib/auth0/device_credentials/client.rb | 13 +- lib/auth0/groups/client.rb | 5 + lib/auth0/groups/roles/client.rb | 141 ++++++++++++++ .../create_group_roles_request_parameters.rb | 15 ++ .../delete_group_roles_request_content.rb | 15 ++ .../list_group_roles_request_parameters.rb | 17 ++ lib/auth0/guardian/enrollments/client.rb | 20 +- .../factors/push_notification/client.rb | 15 +- lib/auth0/guardian/policies/client.rb | 36 ++-- lib/auth0/jobs/verification_email/client.rb | 4 +- lib/auth0/logs/client.rb | 66 +++---- lib/auth0/organizations/client.rb | 41 ++-- .../organizations/discovery_domains/client.rb | 5 +- .../enabled_connections/client.rb | 6 +- lib/auth0/organizations/groups/client.rb | 70 +++++++ .../organizations/groups/roles/client.rb | 144 ++++++++++++++ ...rganization_group_roles_request_content.rb | 19 ++ ...rganization_group_roles_request_content.rb | 19 ++ ...nization_group_roles_request_parameters.rb | 21 +++ ..._organization_groups_request_parameters.rb | 17 ++ lib/auth0/organizations/invitations/client.rb | 11 +- lib/auth0/organizations/members/client.rb | 39 ++-- .../members/effective_roles/client.rb | 73 +++++++ .../members/effective_roles/sources/client.rb | 25 +++ .../effective_roles/sources/groups/client.rb | 74 ++++++++ ...r_role_source_groups_request_parameters.rb | 27 +++ ...mber_effective_roles_request_parameters.rb | 21 +++ .../organizations/members/roles/client.rb | 8 +- lib/auth0/roles/client.rb | 27 +-- lib/auth0/roles/groups/client.rb | 139 ++++++++++++++ .../assign_role_groups_request_content.rb | 15 ++ .../delete_role_groups_request_content.rb | 15 ++ .../types/list_role_groups_parameters.rb | 17 ++ lib/auth0/roles/permissions/client.rb | 12 +- lib/auth0/roles/users/client.rb | 36 ++-- .../update_tenant_settings_request_content.rb | 2 + lib/auth0/token_exchange_profiles/client.rb | 51 +++-- .../client_external_metadata_type_enum.rb | 1 + .../types/connection_properties_options.rb | 2 + .../get_tenant_settings_response_content.rb | 2 + .../list_group_roles_response_content.rb | 11 ++ ...ganization_group_roles_response_content.rb | 11 ++ ...st_organization_groups_response_content.rb | 11 ++ ...member_effective_roles_response_content.rb | 11 ++ ...ber_role_source_groups_response_content.rb | 11 ++ .../list_role_groups_response_content.rb | 11 ++ ...ermission_role_sources_response_content.rb | 11 ++ ..._effective_permissions_response_content.rb | 11 ++ ...t_user_effective_roles_response_content.rb | 11 ++ ...ser_role_source_groups_response_content.rb | 11 ++ lib/auth0/types/oauth_scope.rb | 13 ++ .../organization_member_effective_role.rb | 15 ++ ...ganization_member_effective_role_source.rb | 12 ++ .../types/tenant_settings_country_codes.rb | 12 ++ .../tenant_settings_country_codes_mode.rb | 12 ++ ...nt_settings_country_codes_mode_response.rb | 12 ++ .../tenant_settings_country_codes_response.rb | 12 ++ lib/auth0/types/update_connection_options.rb | 2 + ...update_tenant_settings_response_content.rb | 2 + ...r_effective_permission_response_content.rb | 17 ++ ...r_effective_permission_role_source_enum.rb | 12 ++ ...permission_role_source_response_content.rb | 15 ++ .../user_effective_permission_source_enum.rb | 12 ++ lib/auth0/types/user_effective_role.rb | 15 ++ lib/auth0/types/user_effective_role_source.rb | 12 ++ lib/auth0/user_attribute_profiles/client.rb | 2 +- lib/auth0/user_blocks/client.rb | 28 +-- lib/auth0/user_grants/client.rb | 3 +- lib/auth0/users/authenticators/client.rb | 5 +- lib/auth0/users/client.rb | 174 ++++++++++------- .../users/effective_permissions/client.rb | 73 +++++++ .../effective_permissions/sources/client.rb | 23 +++ .../sources/roles/client.rb | 74 ++++++++ ...rmission_role_source_request_parameters.rb | 25 +++ ...ffective_permissions_request_parameters.rb | 19 ++ lib/auth0/users/effective_roles/client.rb | 71 +++++++ .../users/effective_roles/sources/client.rb | 23 +++ .../effective_roles/sources/groups/client.rb | 71 +++++++ ...r_role_source_groups_request_parameters.rb | 23 +++ ...user_effective_roles_request_parameters.rb | 17 ++ lib/auth0/users/enrollments/client.rb | 6 +- lib/auth0/users/identities/client.rb | 62 +++--- lib/auth0/users/multifactor/client.rb | 8 +- lib/auth0/users/organizations/client.rb | 2 +- lib/auth0/users/roles/client.rb | 28 ++- 93 files changed, 2154 insertions(+), 525 deletions(-) create mode 100644 lib/auth0/groups/roles/client.rb create mode 100644 lib/auth0/groups/roles/types/create_group_roles_request_parameters.rb create mode 100644 lib/auth0/groups/roles/types/delete_group_roles_request_content.rb create mode 100644 lib/auth0/groups/roles/types/list_group_roles_request_parameters.rb create mode 100644 lib/auth0/organizations/groups/client.rb create mode 100644 lib/auth0/organizations/groups/roles/client.rb create mode 100644 lib/auth0/organizations/groups/roles/types/create_organization_group_roles_request_content.rb create mode 100644 lib/auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content.rb create mode 100644 lib/auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters.rb create mode 100644 lib/auth0/organizations/groups/types/list_organization_groups_request_parameters.rb create mode 100644 lib/auth0/organizations/members/effective_roles/client.rb create mode 100644 lib/auth0/organizations/members/effective_roles/sources/client.rb create mode 100644 lib/auth0/organizations/members/effective_roles/sources/groups/client.rb create mode 100644 lib/auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters.rb create mode 100644 lib/auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters.rb create mode 100644 lib/auth0/roles/groups/client.rb create mode 100644 lib/auth0/roles/groups/types/assign_role_groups_request_content.rb create mode 100644 lib/auth0/roles/groups/types/delete_role_groups_request_content.rb create mode 100644 lib/auth0/roles/groups/types/list_role_groups_parameters.rb create mode 100644 lib/auth0/types/list_group_roles_response_content.rb create mode 100644 lib/auth0/types/list_organization_group_roles_response_content.rb create mode 100644 lib/auth0/types/list_organization_groups_response_content.rb create mode 100644 lib/auth0/types/list_organization_member_effective_roles_response_content.rb create mode 100644 lib/auth0/types/list_organization_member_role_source_groups_response_content.rb create mode 100644 lib/auth0/types/list_role_groups_response_content.rb create mode 100644 lib/auth0/types/list_user_effective_permission_role_sources_response_content.rb create mode 100644 lib/auth0/types/list_user_effective_permissions_response_content.rb create mode 100644 lib/auth0/types/list_user_effective_roles_response_content.rb create mode 100644 lib/auth0/types/list_user_role_source_groups_response_content.rb create mode 100644 lib/auth0/types/organization_member_effective_role.rb create mode 100644 lib/auth0/types/organization_member_effective_role_source.rb create mode 100644 lib/auth0/types/tenant_settings_country_codes.rb create mode 100644 lib/auth0/types/tenant_settings_country_codes_mode.rb create mode 100644 lib/auth0/types/tenant_settings_country_codes_mode_response.rb create mode 100644 lib/auth0/types/tenant_settings_country_codes_response.rb create mode 100644 lib/auth0/types/user_effective_permission_response_content.rb create mode 100644 lib/auth0/types/user_effective_permission_role_source_enum.rb create mode 100644 lib/auth0/types/user_effective_permission_role_source_response_content.rb create mode 100644 lib/auth0/types/user_effective_permission_source_enum.rb create mode 100644 lib/auth0/types/user_effective_role.rb create mode 100644 lib/auth0/types/user_effective_role_source.rb create mode 100644 lib/auth0/users/effective_permissions/client.rb create mode 100644 lib/auth0/users/effective_permissions/sources/client.rb create mode 100644 lib/auth0/users/effective_permissions/sources/roles/client.rb create mode 100644 lib/auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters.rb create mode 100644 lib/auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters.rb create mode 100644 lib/auth0/users/effective_roles/client.rb create mode 100644 lib/auth0/users/effective_roles/sources/client.rb create mode 100644 lib/auth0/users/effective_roles/sources/groups/client.rb create mode 100644 lib/auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters.rb create mode 100644 lib/auth0/users/effective_roles/types/list_user_effective_roles_request_parameters.rb diff --git a/.fern/metadata.json b/.fern/metadata.json index f1401254..3753a0a5 100644 --- a/.fern/metadata.json +++ b/.fern/metadata.json @@ -1,5 +1,5 @@ { - "cliVersion": "5.32.1", + "cliVersion": "5.37.10", "generatorName": "fernapi/fern-ruby-sdk", "generatorVersion": "1.12.11", "generatorConfig": { @@ -10,9 +10,8 @@ "offsetSemantics": "page-index", "useDefaultRequestParameterValues": true }, - "originGitCommit": "219914accde9916f411f553a3e3eb35a8478eaaf", + "originGitCommit": "2dea4e576b178b1445800474192bb8d8d60baaf3", "originGitCommitIsDirty": true, "invokedBy": "manual", - "requestedVersion": "6.0.0", - "sdkVersion": "6.0.0" + "sdkVersion": "5.19.1" } \ No newline at end of file diff --git a/lib/auth0.rb b/lib/auth0.rb index d05e7b10..ebf2f741 100644 --- a/lib/auth0.rb +++ b/lib/auth0.rb @@ -2340,6 +2340,8 @@ require_relative "auth0/types/session_cookie_schema" require_relative "auth0/types/supported_locales" require_relative "auth0/types/tenant_oidc_logout_settings" +require_relative "auth0/types/tenant_settings_country_codes_mode_response" +require_relative "auth0/types/tenant_settings_country_codes_response" require_relative "auth0/types/tenant_settings_device_flow_charset" require_relative "auth0/types/tenant_settings_device_flow" require_relative "auth0/types/tenant_settings_dynamic_client_registration_security_mode" @@ -2397,6 +2399,8 @@ require_relative "auth0/types/list_flows_request_parameters_hydrate_enum" require_relative "auth0/types/list_flows_vault_connections_offset_paginated_response_content" require_relative "auth0/types/list_forms_offset_paginated_response_content" +require_relative "auth0/types/role" +require_relative "auth0/types/list_group_roles_response_content" require_relative "auth0/types/list_groups_paginated_response_content" require_relative "auth0/types/mfa_policy_enum" require_relative "auth0/types/list_guardian_policies_response_content" @@ -2413,9 +2417,14 @@ require_relative "auth0/types/list_organization_connections_offset_paginated_response_content" require_relative "auth0/types/organization_discovery_domain" require_relative "auth0/types/list_organization_discovery_domains_response_content" +require_relative "auth0/types/list_organization_group_roles_response_content" +require_relative "auth0/types/list_organization_groups_response_content" require_relative "auth0/types/organization_invitation" require_relative "auth0/types/list_organization_invitations_offset_paginated_response_content" -require_relative "auth0/types/role" +require_relative "auth0/types/organization_member_effective_role_source" +require_relative "auth0/types/organization_member_effective_role" +require_relative "auth0/types/list_organization_member_effective_roles_response_content" +require_relative "auth0/types/list_organization_member_role_source_groups_response_content" require_relative "auth0/types/list_organization_member_roles_offset_paginated_response_content" require_relative "auth0/types/organization_member_role" require_relative "auth0/types/organization_member" @@ -2428,6 +2437,7 @@ require_relative "auth0/types/list_refresh_tokens_paginated_response_content" require_relative "auth0/types/resource_server" require_relative "auth0/types/list_resource_server_offset_paginated_response_content" +require_relative "auth0/types/list_role_groups_response_content" require_relative "auth0/types/permissions_response_payload" require_relative "auth0/types/list_role_permissions_offset_paginated_response_content" require_relative "auth0/types/role_user" @@ -2454,11 +2464,21 @@ require_relative "auth0/types/list_user_blocks_by_identifier_response_content" require_relative "auth0/types/list_user_blocks_response_content" require_relative "auth0/types/list_user_connected_accounts_response_content" +require_relative "auth0/types/user_effective_permission_role_source_enum" +require_relative "auth0/types/user_effective_permission_role_source_response_content" +require_relative "auth0/types/list_user_effective_permission_role_sources_response_content" +require_relative "auth0/types/user_effective_permission_source_enum" +require_relative "auth0/types/user_effective_permission_response_content" +require_relative "auth0/types/list_user_effective_permissions_response_content" +require_relative "auth0/types/user_effective_role_source" +require_relative "auth0/types/user_effective_role" +require_relative "auth0/types/list_user_effective_roles_response_content" require_relative "auth0/types/user_grant" require_relative "auth0/types/list_user_grants_offset_paginated_response_content" require_relative "auth0/types/list_user_organizations_offset_paginated_response_content" require_relative "auth0/types/user_permission_schema" require_relative "auth0/types/list_user_permissions_offset_paginated_response_content" +require_relative "auth0/types/list_user_role_source_groups_response_content" require_relative "auth0/types/list_user_roles_offset_paginated_response_content" require_relative "auth0/types/session_response_content" require_relative "auth0/types/list_user_sessions_paginated_response_content" @@ -2556,6 +2576,8 @@ require_relative "auth0/types/set_user_authentication_methods_request_content" require_relative "auth0/types/sets_custom_texts_by_language_request_content" require_relative "auth0/types/signing_keys" +require_relative "auth0/types/tenant_settings_country_codes_mode" +require_relative "auth0/types/tenant_settings_country_codes" require_relative "auth0/types/tenant_settings_supported_locales_enum" require_relative "auth0/types/test_action_payload" require_relative "auth0/types/test_action_result_payload" @@ -2926,6 +2948,10 @@ require_relative "auth0/flows/vault/connections/types/update_flows_vault_connection_request_content" require_relative "auth0/groups/members/client" require_relative "auth0/groups/members/types/get_group_members_request_parameters" +require_relative "auth0/groups/roles/client" +require_relative "auth0/groups/roles/types/list_group_roles_request_parameters" +require_relative "auth0/groups/roles/types/create_group_roles_request_parameters" +require_relative "auth0/groups/roles/types/delete_group_roles_request_content" require_relative "auth0/guardian/client" require_relative "auth0/guardian/enrollments/client" require_relative "auth0/guardian/enrollments/types/create_guardian_enrollment_ticket_request_content" @@ -2994,10 +3020,21 @@ require_relative "auth0/organizations/members/types/list_organization_members_request_parameters" require_relative "auth0/organizations/members/types/create_organization_member_request_content" require_relative "auth0/organizations/members/types/delete_organization_members_request_content" +require_relative "auth0/organizations/groups/client" +require_relative "auth0/organizations/groups/types/list_organization_groups_request_parameters" +require_relative "auth0/organizations/groups/roles/client" +require_relative "auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters" +require_relative "auth0/organizations/groups/roles/types/create_organization_group_roles_request_content" +require_relative "auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content" +require_relative "auth0/organizations/members/effective_roles/client" +require_relative "auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters" require_relative "auth0/organizations/members/roles/client" require_relative "auth0/organizations/members/roles/types/list_organization_member_roles_request_parameters" require_relative "auth0/organizations/members/roles/types/assign_organization_member_roles_request_content" require_relative "auth0/organizations/members/roles/types/delete_organization_member_roles_request_content" +require_relative "auth0/organizations/members/effective_roles/sources/client" +require_relative "auth0/organizations/members/effective_roles/sources/groups/client" +require_relative "auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters" require_relative "auth0/prompts/rendering/client" require_relative "auth0/prompts/rendering/types/list_aculs_request_parameters" require_relative "auth0/prompts/rendering/types/bulk_update_acul_request_content" @@ -3009,6 +3046,10 @@ require_relative "auth0/risk_assessments/settings/types/update_risk_assessments_settings_request_content" require_relative "auth0/risk_assessments/settings/new_device/client" require_relative "auth0/risk_assessments/settings/new_device/types/update_risk_assessments_settings_new_device_request_content" +require_relative "auth0/roles/groups/client" +require_relative "auth0/roles/groups/types/list_role_groups_parameters" +require_relative "auth0/roles/groups/types/assign_role_groups_request_content" +require_relative "auth0/roles/groups/types/delete_role_groups_request_content" require_relative "auth0/roles/permissions/client" require_relative "auth0/roles/permissions/types/list_role_permissions_request_parameters" require_relative "auth0/roles/permissions/types/add_role_permissions_request_content" @@ -3030,6 +3071,10 @@ require_relative "auth0/users/authenticators/client" require_relative "auth0/users/connected_accounts/client" require_relative "auth0/users/connected_accounts/types/get_user_connected_accounts_request_parameters" +require_relative "auth0/users/effective_permissions/client" +require_relative "auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters" +require_relative "auth0/users/effective_roles/client" +require_relative "auth0/users/effective_roles/types/list_user_effective_roles_request_parameters" require_relative "auth0/users/enrollments/client" require_relative "auth0/users/federated_connections_tokensets/client" require_relative "auth0/users/groups/client" @@ -3055,6 +3100,12 @@ require_relative "auth0/users/refresh_token/types/list_refresh_tokens_request_parameters" require_relative "auth0/users/sessions/client" require_relative "auth0/users/sessions/types/list_user_sessions_request_parameters" +require_relative "auth0/users/effective_permissions/sources/client" +require_relative "auth0/users/effective_permissions/sources/roles/client" +require_relative "auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters" +require_relative "auth0/users/effective_roles/sources/client" +require_relative "auth0/users/effective_roles/sources/groups/client" +require_relative "auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters" require_relative "auth0/verifiable_credentials/client" require_relative "auth0/verifiable_credentials/verification/client" require_relative "auth0/verifiable_credentials/verification/templates/client" diff --git a/lib/auth0/client_grants/client.rb b/lib/auth0/client_grants/client.rb index 4f0e07ae..3d65815a 100644 --- a/lib/auth0/client_grants/client.rb +++ b/lib/auth0/client_grants/client.rb @@ -10,9 +10,9 @@ def initialize(client:) @client = client end - # Retrieve a list of client - # grants, including the scopes associated with the application/API pair. + # Retrieve a list of [client + # grants](https://auth0.com/docs/get-started/applications/application-access-to-apis-client-grants), including the + # scopes associated with the application/API pair. # # @param request_options [Hash] # @param params [Hash] @@ -70,9 +70,8 @@ def list(request_options: {}, **params) end end - # Create a client grant for a machine-to-machine login flow. To learn more, read Client - # Credential Flow. + # Create a client grant for a machine-to-machine login flow. To learn more, read [Client Credential + # Flow](https://www.auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow). # # @param request_options [Hash] # @param params [Auth0::ClientGrants::Types::CreateClientGrantRequestContent] @@ -106,9 +105,8 @@ def create(request_options: {}, **params) end end - # Retrieve a single client - # grant, including the + # Retrieve a single [client + # grant](https://auth0.com/docs/get-started/applications/application-access-to-apis-client-grants), including the # scopes associated with the application/API pair. # # @param request_options [Hash] @@ -143,9 +141,9 @@ def get(request_options: {}, **params) end end - # Delete the Client - # Credential Flow from your machine-to-machine application. + # Delete the [Client Credential + # Flow](https://www.auth0.com/docs/get-started/authentication-and-authorization-flow/client-credentials-flow) from + # your machine-to-machine application. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/clients/client.rb b/lib/auth0/clients/client.rb index 84b3ec01..2201f3b8 100644 --- a/lib/auth0/clients/client.rb +++ b/lib/auth0/clients/client.rb @@ -12,41 +12,31 @@ def initialize(client:) # Retrieve clients (applications and SSO integrations) matching provided filters. A list of fields to include or # exclude may also be specified. - # For more information, read Applications in - # Auth0 and Single Sign-On. + # For more information, read [Applications in Auth0](https://www.auth0.com/docs/get-started/applications) and + # [Single Sign-On](https://www.auth0.com/docs/authenticate/single-sign-on). # - # + # - The following can be retrieved with any scope: + # `client_id`, `app_type`, `name`, and `description`. + # - The following properties can only be retrieved with the `read:clients` or + # `read:client_keys` scope: + # `callbacks`, `oidc_logout`, `allowed_origins`, + # `web_origins`, `tenant`, `global`, `config_route`, + # `callback_url_template`, `jwt_configuration`, + # `jwt_configuration.lifetime_in_seconds`, `jwt_configuration.secret_encoded`, + # `jwt_configuration.scopes`, `jwt_configuration.alg`, `api_type`, + # `logo_uri`, `allowed_clients`, `owners`, `custom_login_page`, + # `custom_login_page_off`, `sso`, `addons`, `form_template`, + # `custom_login_page_codeview`, `resource_servers`, `client_metadata`, + # `mobile`, `mobile.android`, `mobile.ios`, `allowed_logout_urls`, + # `token_endpoint_auth_method`, `is_first_party`, `oidc_conformant`, + # `is_token_endpoint_ip_header_trusted`, `initiate_login_uri`, `grant_types`, + # `refresh_token`, `refresh_token.rotation_type`, `refresh_token.expiration_type`, + # `refresh_token.leeway`, `refresh_token.token_lifetime`, `refresh_token.policies`, `organization_usage`, + # `organization_require_behavior`. + # - The following properties can only be retrieved with the + # `read:client_keys` or `read:client_credentials` scope: + # `encryption_key`, `encryption_key.pub`, `encryption_key.cert`, + # `client_secret`, `client_authentication_methods` and `signing_key`. # # @param request_options [Hash] # @param params [Hash] @@ -111,28 +101,24 @@ def list(request_options: {}, **params) end end - # Create a new client (application or SSO integration). For more information, read Create Applications - # API Endpoints - # for Single Sign-On. + # Create a new client (application or SSO integration). For more information, read [Create + # Applications](https://www.auth0.com/docs/get-started/auth0-overview/create-applications) + # [API Endpoints for Single + # Sign-On](https://www.auth0.com/docs/authenticate/single-sign-on/api-endpoints-for-single-sign-on). # # Notes: # - We recommend leaving the `client_secret` parameter unspecified to allow the generation of a safe secret. - # - The client_authentication_methods and token_endpoint_auth_method properties are - # mutually exclusive. Use - # client_authentication_methods to configure the client with Private Key JWT authentication method. - # Otherwise, use token_endpoint_auth_method + # - The `client_authentication_methods` and `token_endpoint_auth_method` properties are mutually exclusive. Use + # `client_authentication_methods` to configure the client with Private Key JWT authentication method. Otherwise, + # use `token_endpoint_auth_method` # to configure the client with client secret (basic or post) or with no authentication method (none). - # - When using client_authentication_methods to configure the client with Private Key JWT - # authentication method, specify fully defined credentials. + # - When using `client_authentication_methods` to configure the client with Private Key JWT authentication method, + # specify fully defined credentials. # These credentials will be automatically enabled for Private Key JWT authentication on the client. - # - To configure client_authentication_methods, the create:client_credentials scope is - # required. - # - To configure client_authentication_methods, the property jwt_configuration.alg must - # be set to RS256. + # - To configure `client_authentication_methods`, the `create:client_credentials` scope is required. + # - To configure `client_authentication_methods`, the property `jwt_configuration.alg` must be set to RS256. # - #
SSO Integrations created via this endpoint will accept login requests and share - # user profile information.
+ # SSO Integrations created via this endpoint will accept login requests and share user profile information. # # @param request_options [Hash] # @param params [Auth0::Clients::Types::CreateClientRequestContent] @@ -253,40 +239,31 @@ def register_cimd_client(request_options: {}, **params) # Retrieve client details by ID. Clients are SSO connections or Applications linked with your Auth0 tenant. A list # of fields to include or exclude may also be specified. - # For more information, read Applications in - # Auth0 and Single Sign-On. - # + # For more information, read [Applications in Auth0](https://www.auth0.com/docs/get-started/applications) and + # [Single Sign-On](https://www.auth0.com/docs/authenticate/single-sign-on). + # + # - The following properties can be retrieved with any of the scopes: + # `client_id`, `app_type`, `name`, and `description`. + # - The following properties can only be retrieved with the `read:clients` or + # `read:client_keys` scopes: + # `callbacks`, `oidc_logout`, `allowed_origins`, + # `web_origins`, `tenant`, `global`, `config_route`, + # `callback_url_template`, `jwt_configuration`, + # `jwt_configuration.lifetime_in_seconds`, `jwt_configuration.secret_encoded`, + # `jwt_configuration.scopes`, `jwt_configuration.alg`, `api_type`, + # `logo_uri`, `allowed_clients`, `owners`, `custom_login_page`, + # `custom_login_page_off`, `sso`, `addons`, `form_template`, + # `custom_login_page_codeview`, `resource_servers`, `client_metadata`, + # `mobile`, `mobile.android`, `mobile.ios`, `allowed_logout_urls`, + # `token_endpoint_auth_method`, `is_first_party`, `oidc_conformant`, + # `is_token_endpoint_ip_header_trusted`, `initiate_login_uri`, `grant_types`, + # `refresh_token`, `refresh_token.rotation_type`, `refresh_token.expiration_type`, + # `refresh_token.leeway`, `refresh_token.token_lifetime`, `refresh_token.policies`, `organization_usage`, + # `organization_require_behavior`. + # - The following properties can only be retrieved with the `read:client_keys` or `read:client_credentials` + # scopes: + # `encryption_key`, `encryption_key.pub`, `encryption_key.cert`, + # `client_secret`, `client_authentication_methods` and `signing_key`. # # @param request_options [Hash] # @param params [Hash] @@ -359,25 +336,22 @@ def delete(request_options: {}, **params) raise error_class.new(response.body, code: code) end - # Updates a client's settings. For more information, read Applications in Auth0 and Single Sign-On. + # Updates a client's settings. For more information, read [Applications in + # Auth0](https://www.auth0.com/docs/get-started/applications) and [Single + # Sign-On](https://www.auth0.com/docs/authenticate/single-sign-on). # # Notes: # - The `client_secret` and `signing_key` attributes can only be updated with the `update:client_keys` scope. - # - The client_authentication_methods and token_endpoint_auth_method properties are - # mutually exclusive. Use client_authentication_methods to configure the client with Private Key JWT - # authentication method. Otherwise, use token_endpoint_auth_method to configure the client with - # client secret (basic or post) or with no authentication method (none). - # - When using client_authentication_methods to configure the client with Private Key JWT - # authentication method, only specify the credential IDs that were generated when creating the credentials on the - # client. - # - To configure client_authentication_methods, the update:client_credentials scope is - # required. - # - To configure client_authentication_methods, the property jwt_configuration.alg must - # be set to RS256. - # - To change a client's is_first_party property to false, the - # organization_usage and organization_require_behavior properties must be unset. + # - The `client_authentication_methods` and `token_endpoint_auth_method` properties are mutually exclusive. Use + # `client_authentication_methods` to configure the client with Private Key JWT authentication method. Otherwise, + # use `token_endpoint_auth_method` to configure the client with client secret (basic or post) or with no + # authentication method (none). + # - When using `client_authentication_methods` to configure the client with Private Key JWT authentication method, + # only specify the credential IDs that were generated when creating the credentials on the client. + # - To configure `client_authentication_methods`, the `update:client_credentials` scope is required. + # - To configure `client_authentication_methods`, the property `jwt_configuration.alg` must be set to RS256. + # - To change a client's `is_first_party` property to `false`, the `organization_usage` and + # `organization_require_behavior` properties must be unset. # # @param request_options [Hash] # @param params [Auth0::Clients::Types::UpdateClientRequestContent] @@ -421,8 +395,8 @@ def update(request_options: {}, **params) # This endpoint cannot be used with clients configured with Private Key JWT authentication method # (client_authentication_methods configured with private_key_jwt). The generated secret is NOT base64 encoded. # - # For more information, read Rotate Client Secrets. + # For more information, read [Rotate Client + # Secrets](https://www.auth0.com/docs/get-started/applications/rotate-client-secret). # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/clients/connections/client.rb b/lib/auth0/clients/connections/client.rb index 188b703b..6d28d705 100644 --- a/lib/auth0/clients/connections/client.rb +++ b/lib/auth0/clients/connections/client.rb @@ -11,20 +11,14 @@ def initialize(client:) @client = client end - # Retrieve all connections that are enabled for the specified Application, using checkpoint pagination. A - # list of fields to include or exclude for each connection may also be specified. - # + # Retrieve all connections that are enabled for the specified + # [Application](https://www.auth0.com/docs/get-started/applications), using checkpoint pagination. A list of + # fields to include or exclude for each connection may also be specified. + # + # - This endpoint requires the `read:connections` scope and any one of `read:clients` or `read:client_summary`. + # - **Note**: The first time you call this endpoint, omit the `from` parameter. If there are more results, a + # `next` value is included in the response. You can use this for subsequent API calls. When `next` is no longer + # included in the response, no further results are remaining. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/clients/credentials/client.rb b/lib/auth0/clients/credentials/client.rb index 728dae80..daec097e 100644 --- a/lib/auth0/clients/credentials/client.rb +++ b/lib/auth0/clients/credentials/client.rb @@ -13,9 +13,9 @@ def initialize(client:) # Get the details of a client credential. # - # Important: To enable credentials to be used for a client authentication method, set the - # client_authentication_methods property on the client. To enable credentials to be used for - # JWT-Secured Authorization requests set the signed_request_object property on the client. + # **Important**: To enable credentials to be used for a client authentication method, set the + # `client_authentication_methods` property on the client. To enable credentials to be used for JWT-Secured + # Authorization requests set the `signed_request_object` property on the client. # # @param request_options [Hash] # @param params [Hash] @@ -50,48 +50,69 @@ def list(request_options: {}, **params) # Create a client credential associated to your application. Credentials can be used to configure Private Key # JWT and mTLS authentication methods, as well as for JWT-secured Authorization requests. # - #
Public Key
Public Key credentials can be used to set up Private Key JWT client authentication and - # JWT-secured Authorization requests. + # **Public Key** # - # Sample: 
{
+        # Public Key credentials can be used to set up Private Key JWT client authentication and JWT-secured
+        # Authorization requests.
+        #
+        # Sample:
+        #
+        # ```json
+        # {
         #   "credential_type": "public_key",
         #   "name": "string",
         #   "pem": "string",
         #   "alg": "RS256",
         #   "parse_expiry_from_cert": false,
         #   "expires_at": "2022-12-31T23:59:59Z"
-        # }
- #
Certificate (CA-signed & self-signed)
Certificate credentials can be used to set up mTLS client - # authentication. CA-signed certificates can be configured either with a signed certificate or with just the - # certificate Subject DN. + # } + # ``` + # + # **Certificate (CA-signed & self-signed)** + # + # Certificate credentials can be used to set up mTLS client authentication. CA-signed certificates can be + # configured either with a signed certificate or with just the certificate Subject DN. + # + # CA-signed Certificate Sample (pem): # - # CA-signed Certificate Sample (pem): 
{
+        # ```json
+        # {
         #   "credential_type": "x509_cert",
         #   "name": "string",
         #   "pem": "string"
-        # }
CA-signed Certificate Sample (subject_dn): 
{
+        # }
+        # ```
+        #
+        # CA-signed Certificate Sample (subject_dn):
+        #
+        # ```json
+        # {
         #   "credential_type": "cert_subject_dn",
         #   "name": "string",
         #   "subject_dn": "string"
-        # }
Self-signed Certificate Sample: 
{
+        # }
+        # ```
+        #
+        # Self-signed Certificate Sample:
+        #
+        # ```json
+        # {
         #   "credential_type": "cert_subject_dn",
         #   "name": "string",
         #   "pem": "string"
-        # }
+ # } + # ``` # # The credential will be created but not yet enabled for use until you set the corresponding properties in the # client: - # + # + # - To enable the credential for Private Key JWT or mTLS authentication methods, set the + # `client_authentication_methods` property on the client. For more information, read [Configure Private Key JWT + # Authentication](https://auth0.com/docs/get-started/applications/configure-private-key-jwt) and [Configure mTLS + # Authentication](https://auth0.com/docs/get-started/applications/configure-mtls) + # - To enable the credential for JWT-secured Authorization requests, set the `signed_request_object`property on + # the client. For more information, read [Configure JWT-secured Authorization Requests + # (JAR)](https://auth0.com/docs/get-started/applications/configure-jar) # # @param request_options [Hash] # @param params [Auth0::Clients::Credentials::Types::PostClientCredentialRequestContent] @@ -132,9 +153,9 @@ def create(request_options: {}, **params) # Get the details of a client credential. # - # Important: To enable credentials to be used for a client authentication method, set the - # client_authentication_methods property on the client. To enable credentials to be used for - # JWT-Secured Authorization requests set the signed_request_object property on the client. + # **Important**: To enable credentials to be used for a client authentication method, set the + # `client_authentication_methods` property on the client. To enable credentials to be used for JWT-Secured + # Authorization requests set the `signed_request_object` property on the client. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/connections/scim_configuration/client.rb b/lib/auth0/connections/scim_configuration/client.rb index 6a61ce2b..8d6f407a 100644 --- a/lib/auth0/connections/scim_configuration/client.rb +++ b/lib/auth0/connections/scim_configuration/client.rb @@ -59,7 +59,7 @@ def list(request_options: {}, **params) end end - # Retrieves a scim configuration by its connectionId. + # Retrieves a scim configuration by its `connectionId`. # # @param request_options [Hash] # @param params [Hash] @@ -128,7 +128,7 @@ def create(request_options: {}, **params) end end - # Deletes a scim configuration by its connectionId. + # Deletes a scim configuration by its `connectionId`. # # @param request_options [Hash] # @param params [Hash] @@ -160,7 +160,7 @@ def delete(request_options: {}, **params) raise error_class.new(response.body, code: code) end - # Update a scim configuration by its connectionId. + # Update a scim configuration by its `connectionId`. # # @param request_options [Hash] # @param params [Auth0::Connections::SCIMConfiguration::Types::UpdateSCIMConfigurationRequestContent] @@ -199,7 +199,7 @@ def update(request_options: {}, **params) end end - # Retrieves a scim configuration's default mapping by its connectionId. + # Retrieves a scim configuration's default mapping by its `connectionId`. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/connections/scim_configuration/tokens/client.rb b/lib/auth0/connections/scim_configuration/tokens/client.rb index 4f4b1f06..5f15a608 100644 --- a/lib/auth0/connections/scim_configuration/tokens/client.rb +++ b/lib/auth0/connections/scim_configuration/tokens/client.rb @@ -12,7 +12,7 @@ def initialize(client:) @client = client end - # Retrieves all scim tokens by its connection id. + # Retrieves all scim tokens by its connection `id`. # # @param request_options [Hash] # @param params [Hash] @@ -85,7 +85,7 @@ def create(request_options: {}, **params) end end - # Deletes a scim token by its connection id and tokenId. + # Deletes a scim token by its connection `id` and `tokenId`. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/device_credentials/client.rb b/lib/auth0/device_credentials/client.rb index 0963f7fd..3690c0ff 100644 --- a/lib/auth0/device_credentials/client.rb +++ b/lib/auth0/device_credentials/client.rb @@ -10,8 +10,8 @@ def initialize(client:) @client = client end - # Retrieve device credential information (public_key, refresh_token, or - # rotating_refresh_token) associated with a specific user. + # Retrieve device credential information (`public_key`, `refresh_token`, or `rotating_refresh_token`) associated + # with a specific user. # # @param request_options [Hash] # @param params [Hash] @@ -72,12 +72,11 @@ def list(request_options: {}, **params) end end - # Create a device credential public key to manage refresh token rotation for a given user_id. Device - # Credentials APIs are designed for ad-hoc administrative use only and paging is by default enabled for GET - # requests. + # Create a device credential public key to manage refresh token rotation for a given `user_id`. Device Credentials + # APIs are designed for ad-hoc administrative use only and paging is by default enabled for GET requests. # - # When refresh token rotation is enabled, the endpoint becomes consistent. For more information, read Signing Keys. + # When refresh token rotation is enabled, the endpoint becomes consistent. For more information, read [Signing + # Keys](https://auth0.com/docs/get-started/tenant-settings/signing-keys). # # @param request_options [Hash] # @param params [Auth0::DeviceCredentials::Types::CreatePublicKeyDeviceCredentialRequestContent] diff --git a/lib/auth0/groups/client.rb b/lib/auth0/groups/client.rb index ee95275f..0860ff2d 100644 --- a/lib/auth0/groups/client.rb +++ b/lib/auth0/groups/client.rb @@ -140,6 +140,11 @@ def delete(request_options: {}, **params) def members @members ||= Auth0::Groups::Members::Client.new(client: @client) end + + # @return [Auth0::Roles::Client] + def roles + @roles ||= Auth0::Groups::Roles::Client.new(client: @client) + end end end end diff --git a/lib/auth0/groups/roles/client.rb b/lib/auth0/groups/roles/client.rb new file mode 100644 index 00000000..e3223b38 --- /dev/null +++ b/lib/auth0/groups/roles/client.rb @@ -0,0 +1,141 @@ +# frozen_string_literal: true + +module Auth0 + module Groups + module Roles + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Lists the roles assigned to a group. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # + # @return [Auth0::Types::ListGroupRolesResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :roles, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "groups/#{URI.encode_uri_component(params[:id].to_s)}/roles", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListGroupRolesResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + + # Assign one or more roles to a specified + # group. + # + # @param request_options [Hash] + # @param params [Auth0::Groups::Roles::Types::CreateGroupRolesRequestParameters] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # + # @return [untyped] + def create(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + request_data = Auth0::Groups::Roles::Types::CreateGroupRolesRequestParameters.new(params).to_h + non_body_param_names = %w[id] + body = request_data.except(*non_body_param_names) + + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "POST", + path: "groups/#{URI.encode_uri_component(params[:id].to_s)}/roles", + body: body, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + return if code.between?(200, 299) + + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + + # Unassign one or more roles from a + # specified group. + # + # @param request_options [Hash] + # @param params [Auth0::Groups::Roles::Types::DeleteGroupRolesRequestContent] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # + # @return [untyped] + def delete(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + request_data = Auth0::Groups::Roles::Types::DeleteGroupRolesRequestContent.new(params).to_h + non_body_param_names = %w[id] + body = request_data.except(*non_body_param_names) + + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "DELETE", + path: "groups/#{URI.encode_uri_component(params[:id].to_s)}/roles", + body: body, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + return if code.between?(200, 299) + + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + end +end diff --git a/lib/auth0/groups/roles/types/create_group_roles_request_parameters.rb b/lib/auth0/groups/roles/types/create_group_roles_request_parameters.rb new file mode 100644 index 00000000..2df1aa93 --- /dev/null +++ b/lib/auth0/groups/roles/types/create_group_roles_request_parameters.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Auth0 + module Groups + module Roles + module Types + class CreateGroupRolesRequestParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :roles, -> { Internal::Types::Array[String] }, optional: false, nullable: false + end + end + end + end +end diff --git a/lib/auth0/groups/roles/types/delete_group_roles_request_content.rb b/lib/auth0/groups/roles/types/delete_group_roles_request_content.rb new file mode 100644 index 00000000..7ce2e5f7 --- /dev/null +++ b/lib/auth0/groups/roles/types/delete_group_roles_request_content.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Auth0 + module Groups + module Roles + module Types + class DeleteGroupRolesRequestContent < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :roles, -> { Internal::Types::Array[String] }, optional: false, nullable: false + end + end + end + end +end diff --git a/lib/auth0/groups/roles/types/list_group_roles_request_parameters.rb b/lib/auth0/groups/roles/types/list_group_roles_request_parameters.rb new file mode 100644 index 00000000..04c53be6 --- /dev/null +++ b/lib/auth0/groups/roles/types/list_group_roles_request_parameters.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +module Auth0 + module Groups + module Roles + module Types + class ListGroupRolesRequestParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + end + end + end + end +end diff --git a/lib/auth0/guardian/enrollments/client.rb b/lib/auth0/guardian/enrollments/client.rb index 852e66d7..ca51ae66 100644 --- a/lib/auth0/guardian/enrollments/client.rb +++ b/lib/auth0/guardian/enrollments/client.rb @@ -11,17 +11,10 @@ def initialize(client:) @client = client end - # Create a multi-factor - # authentication (MFA) enrollment ticket, and optionally send an email with the created ticket, to a given - # user. - # Create a multi-factor - # authentication (MFA) enrollment ticket, and optionally send an email with the created ticket to a given - # user. Enrollment tickets can specify which factor users must enroll with or allow existing MFA users to enroll - # in additional factors.
- # - # Note: Users cannot enroll in Email as a factor through custom enrollment tickets. + # Create a [multi-factor authentication (MFA) enrollment + # ticket](https://auth0.com/docs/secure/multi-factor-authentication/auth0-guardian/create-custom-enrollment-tickets), + # and optionally send an email with the created ticket to a given user. Enrollment tickets can specify which + # factor users must enroll with or allow existing MFA users to enroll in additional factors. # # @param request_options [Hash] # @param params [Auth0::Guardian::Enrollments::Types::CreateGuardianEnrollmentTicketRequestContent] @@ -91,9 +84,8 @@ def get(request_options: {}, **params) end # Remove a specific multi-factor authentication (MFA) enrollment from a user's account. This allows the user to - # re-enroll with MFA. For more information, review Reset User Multi-Factor - # Authentication and Recovery Codes. + # re-enroll with MFA. For more information, review [Reset User Multi-Factor Authentication and Recovery + # Codes](https://auth0.com/docs/secure/multi-factor-authentication/reset-user-mfa). # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/guardian/factors/push_notification/client.rb b/lib/auth0/guardian/factors/push_notification/client.rb index 52216b55..72ef229f 100644 --- a/lib/auth0/guardian/factors/push_notification/client.rb +++ b/lib/auth0/guardian/factors/push_notification/client.rb @@ -253,9 +253,8 @@ def update_fcmv1provider(request_options: {}, **params) end # Retrieve configuration details for an AWS SNS push notification provider that has been enabled for MFA. To - # learn more, review Configure - # Push Notifications for MFA. + # learn more, review [Configure Push Notifications for + # MFA](https://auth0.com/docs/secure/multi-factor-authentication/multi-factor-authentication-factors/configure-push-notifications-for-mfa). # # @param request_options [Hash] # @param _params [Hash] @@ -287,8 +286,9 @@ def get_sns_provider(request_options: {}, **_params) end end - # Configure the AWS - # SNS push notification provider configuration (subscription required). + # Configure the [AWS SNS push notification provider + # configuration](https://auth0.com/docs/multifactor-authentication/developer/sns-configuration) (subscription + # required). # # @param request_options [Hash] # @param params [Auth0::Guardian::Factors::PushNotification::Types::SetGuardianFactorsProviderPushNotificationSnsRequestContent] @@ -322,8 +322,9 @@ def set_sns_provider(request_options: {}, **params) end end - # Configure the AWS - # SNS push notification provider configuration (subscription required). + # Configure the [AWS SNS push notification provider + # configuration](https://auth0.com/docs/multifactor-authentication/developer/sns-configuration) (subscription + # required). # # @param request_options [Hash] # @param params [Auth0::Guardian::Factors::PushNotification::Types::UpdateGuardianFactorsProviderPushNotificationSnsRequestContent] diff --git a/lib/auth0/guardian/policies/client.rb b/lib/auth0/guardian/policies/client.rb index 55e989f2..f2f9bc72 100644 --- a/lib/auth0/guardian/policies/client.rb +++ b/lib/auth0/guardian/policies/client.rb @@ -11,19 +11,17 @@ def initialize(client:) @client = client end - # Retrieve the multi-factor - # authentication (MFA) policies configured for your tenant. + # Retrieve the [multi-factor authentication (MFA) + # policies](https://auth0.com/docs/secure/multi-factor-authentication/enable-mfa) configured for your tenant. # # The following policies are supported: - # # - # Note: The confidence-score policy is part of the Adaptive MFA feature. - # Adaptive MFA requires an add-on for the Enterprise plan; review Auth0 - # Pricing for more details. + # - `all-applications` policy prompts with MFA for all logins. + # - `confidence-score` policy prompts with MFA only for low confidence logins. + # + # **Note**: The `confidence-score` policy is part of the [Adaptive MFA + # feature](https://auth0.com/docs/secure/multi-factor-authentication/adaptive-mfa). Adaptive MFA requires an + # add-on for the Enterprise plan; review [Auth0 Pricing](https://auth0.com/pricing) for more details. # # @param request_options [Hash] # @param _params [Hash] @@ -55,19 +53,17 @@ def list(request_options: {}, **_params) end end - # Set multi-factor authentication - # (MFA) policies for your tenant. + # Set [multi-factor authentication (MFA) + # policies](https://auth0.com/docs/secure/multi-factor-authentication/enable-mfa) for your tenant. # # The following policies are supported: - # # - # Note: The confidence-score policy is part of the Adaptive MFA feature. - # Adaptive MFA requires an add-on for the Enterprise plan; review Auth0 - # Pricing for more details. + # - `all-applications` policy prompts with MFA for all logins. + # - `confidence-score` policy prompts with MFA only for low confidence logins. + # + # **Note**: The `confidence-score` policy is part of the [Adaptive MFA + # feature](https://auth0.com/docs/secure/multi-factor-authentication/adaptive-mfa). Adaptive MFA requires an + # add-on for the Enterprise plan; review [Auth0 Pricing](https://auth0.com/pricing) for more details. # # @param request_options [Hash] # @param params [Auth0::Types::SetGuardianPoliciesRequestContent] diff --git a/lib/auth0/jobs/verification_email/client.rb b/lib/auth0/jobs/verification_email/client.rb index c97a8bd7..317e83ba 100644 --- a/lib/auth0/jobs/verification_email/client.rb +++ b/lib/auth0/jobs/verification_email/client.rb @@ -11,8 +11,8 @@ def initialize(client:) @client = client end - # Send an email to the specified user that asks them to click a link to verify their email address. + # Send an email to the specified user that asks them to click a link to [verify their email + # address](https://auth0.com/docs/email/custom#verification-email). # # Note: You must have the `Status` toggle enabled for the verification email template for the email to be sent. # diff --git a/lib/auth0/logs/client.rb b/lib/auth0/logs/client.rb index 9ba503fa..36ea985c 100644 --- a/lib/auth0/logs/client.rb +++ b/lib/auth0/logs/client.rb @@ -12,50 +12,42 @@ def initialize(client:) # Retrieve log entries that match the specified search criteria (or all log entries if no criteria specified). # - # Set custom search criteria using the q parameter, or search from a specific log ID ("search from - # checkpoint"). + # Set custom search criteria using the `q` parameter, or search from a specific log ID (_"search from + # checkpoint"_). # - # For more information on all possible event types, their respective acronyms, and descriptions, see Log Event Type Codes. + # For more information on all possible event types, their respective acronyms, and descriptions, see [Log Event + # Type Codes](https://auth0.com/docs/logs/log-event-type-codes). # - #
To set custom search criteria, use the following parameters:
+ # **To set custom search criteria, use the following parameters:** # - # + # - **q:** Search Criteria using [Query String Syntax](https://auth0.com/docs/logs/log-search-query-syntax) + # - **page:** Page index of the results to return. First page is 0. + # - **per_page:** Number of results per page. + # - **sort:** Field to use for sorting appended with `:1` for ascending and `:-1` for descending. e.g. `date:-1` + # - **fields:** Comma-separated list of fields to include or exclude (depending on include_fields) from the + # result, empty to retrieve all fields. + # - **include_fields:** Whether specified fields are to be included (true) or excluded (false). + # - **include_totals:** Return results inside an object that contains the total result count (true) or as a direct + # array of results (false, default). **Deprecated:** this field is deprecated and should be removed from use. See + # [Search Engine V3 Breaking + # Changes](https://auth0.com/docs/product-lifecycle/deprecations-and-migrations/migrate-to-tenant-log-search-v3#pagination) # - # For more information on the list of fields that can be used in fields and sort, see Searchable Fields. + # For more information on the list of fields that can be used in `fields` and `sort`, see [Searchable + # Fields](https://auth0.com/docs/logs/log-search-query-syntax#searchable-fields). # - # Auth0 limits the number of - # logs you can return by search criteria to 100 logs per request. Furthermore, you may paginate only through - # 1,000 search results. If you exceed this threshold, please redefine your search or use the get logs by - # checkpoint method. + # Auth0 [limits the number of logs](https://auth0.com/docs/logs/retrieve-log-events-using-mgmt-api#limitations) + # you can return by search criteria to 100 logs per request. Furthermore, you may paginate only through 1,000 + # search results. If you exceed this threshold, please redefine your search or use the [get logs by checkpoint + # method](https://auth0.com/docs/logs/retrieve-log-events-using-mgmt-api#retrieve-logs-by-checkpoint). # - #
To search from a checkpoint log ID, use the following parameters:
- # + # **To search from a checkpoint log ID, use the following parameters:** # - # Important: When fetching logs from a checkpoint log ID, any parameter other than - # from and take will be ignored, and date ordering is not guaranteed. + # - **from:** Log Event ID from which to start retrieving logs. You can limit the number of logs returned using + # the `take` parameter. If you use `from` at the same time as `q`, `from` takes precedence and `q` is ignored. + # - **take:** Number of entries to retrieve when using the `from` parameter. + # + # **Important:** When fetching logs from a checkpoint log ID, any parameter other than `from` and `take` will be + # ignored, and date ordering is not guaranteed. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/organizations/client.rb b/lib/auth0/organizations/client.rb index a8423232..5f409422 100644 --- a/lib/auth0/organizations/client.rb +++ b/lib/auth0/organizations/client.rb @@ -14,25 +14,22 @@ def initialize(client:) # Organizations. # # This endpoint supports two types of pagination: - # + # + # - Offset pagination + # - Checkpoint pagination # # Checkpoint pagination must be used if you need to retrieve more than 1000 organizations. # - #

Checkpoint Pagination

+ # **Checkpoint Pagination** # # To search by checkpoint, use the following parameters: - # # - # Note: The first time you call this endpoint using checkpoint pagination, omit the from - # parameter. If there are more results, a next value is included in the response. You can use this - # for subsequent API calls. When next is no longer included in the response, no pages are remaining. + # - `from`: Optional id from which to start selection. + # - `take`: The total number of entries to retrieve when using the `from` parameter. Defaults to 50. + # + # **Note**: The first time you call this endpoint using checkpoint pagination, omit the `from` parameter. If there + # are more results, a `next` value is included in the response. You can use this for subsequent API calls. When + # `next` is no longer included in the response, no pages are remaining. # # @param request_options [Hash] # @param params [Hash] @@ -83,9 +80,8 @@ def list(request_options: {}, **params) end # Create a new Organization within your tenant. To learn more about Organization settings, behavior, and - # configuration options, review Create Your First - # Organization. + # configuration options, review [Create Your First + # Organization](https://auth0.com/docs/manage-users/organizations/create-first-organization). # # @param request_options [Hash] # @param params [Auth0::Organizations::Types::CreateOrganizationRequestContent] @@ -189,8 +185,8 @@ def get(request_options: {}, **params) # Remove an Organization from your tenant. This action cannot be undone. # - # Note: Members are automatically disassociated from an Organization when it is deleted. However, this - # action does not delete these users from your tenant. + # **Note**: Members are automatically disassociated from an Organization when it is deleted. However, this action + # does **not** delete these users from your tenant. # # @param request_options [Hash] # @param params [Hash] @@ -222,8 +218,8 @@ def delete(request_options: {}, **params) raise error_class.new(response.body, code: code) end - # Update the details of a specific Organization, + # Update the details of a specific + # [Organization](https://auth0.com/docs/manage-users/organizations/configure-organizations/create-organizations), # such as name and display name, branding options, and metadata. # # @param request_options [Hash] @@ -292,6 +288,11 @@ def invitations def members @members ||= Auth0::Organizations::Members::Client.new(client: @client) end + + # @return [Auth0::Groups::Client] + def groups + @groups ||= Auth0::Organizations::Groups::Client.new(client: @client) + end end end end diff --git a/lib/auth0/organizations/discovery_domains/client.rb b/lib/auth0/organizations/discovery_domains/client.rb index d764c0db..e243939a 100644 --- a/lib/auth0/organizations/discovery_domains/client.rb +++ b/lib/auth0/organizations/discovery_domains/client.rb @@ -209,9 +209,8 @@ def delete(request_options: {}, **params) end # Update the verification status and/or use_for_organization_discovery for an organization discovery domain. The - # status field must be either pending or verified. The - # use_for_organization_discovery field can be true or false (default: - # true). + # `status` field must be either `pending` or `verified`. The `use_for_organization_discovery` field can be + # `true` or `false` (default: `true`). # # @param request_options [Hash] # @param params [Auth0::Organizations::DiscoveryDomains::Types::UpdateOrganizationDiscoveryDomainRequestContent] diff --git a/lib/auth0/organizations/enabled_connections/client.rb b/lib/auth0/organizations/enabled_connections/client.rb index 3569ad35..4dcdfc26 100644 --- a/lib/auth0/organizations/enabled_connections/client.rb +++ b/lib/auth0/organizations/enabled_connections/client.rb @@ -68,8 +68,8 @@ def list(request_options: {}, **params) # Enable a specific connection for a given Organization. To enable a connection, it must already exist within # your tenant; connections cannot be created through this action. # - # Connections represent the relationship - # between Auth0 and a source of users. Available types of connections include database, enterprise, and social. + # [Connections](https://auth0.com/docs/authenticate/identity-providers) represent the relationship between Auth0 + # and a source of users. Available types of connections include database, enterprise, and social. # # @param request_options [Hash] # @param params [Auth0::Organizations::EnabledConnections::Types::AddOrganizationConnectionRequestContent] @@ -148,7 +148,7 @@ def get(request_options: {}, **params) # Disable a specific connection for an Organization. Once disabled, Organization members can no longer use that # connection to authenticate. # - # Note: This action does not remove the connection from your tenant. + # **Note**: This action does not remove the connection from your tenant. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/organizations/groups/client.rb b/lib/auth0/organizations/groups/client.rb new file mode 100644 index 00000000..44e01f9a --- /dev/null +++ b/lib/auth0/organizations/groups/client.rb @@ -0,0 +1,70 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Groups + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Lists the groups that are assigned to the specified organization. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :organization_id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # + # @return [Auth0::Types::ListOrganizationGroupsResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :groups, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "organizations/#{URI.encode_uri_component(params[:organization_id].to_s)}/groups", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListOrganizationGroupsResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + + # @return [Auth0::Roles::Client] + def roles + @roles ||= Auth0::Organizations::Groups::Roles::Client.new(client: @client) + end + end + end + end +end diff --git a/lib/auth0/organizations/groups/roles/client.rb b/lib/auth0/organizations/groups/roles/client.rb new file mode 100644 index 00000000..425800f3 --- /dev/null +++ b/lib/auth0/organizations/groups/roles/client.rb @@ -0,0 +1,144 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Groups + module Roles + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Lists the roles assigned to the specified group in the context of an organization. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :organization_id + # @option params [String] :group_id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # + # @return [Auth0::Types::ListOrganizationGroupRolesResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :roles, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "organizations/#{URI.encode_uri_component(params[:organization_id].to_s)}/groups/#{URI.encode_uri_component(params[:group_id].to_s)}/roles", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListOrganizationGroupRolesResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + + # Assign one or more roles to a specified group in the context of an organization. + # + # @param request_options [Hash] + # @param params [Auth0::Organizations::Groups::Roles::Types::CreateOrganizationGroupRolesRequestContent] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :organization_id + # @option params [String] :group_id + # + # @return [untyped] + def create(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + request_data = Auth0::Organizations::Groups::Roles::Types::CreateOrganizationGroupRolesRequestContent.new(params).to_h + non_body_param_names = %w[organization_id group_id] + body = request_data.except(*non_body_param_names) + + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "POST", + path: "organizations/#{URI.encode_uri_component(params[:organization_id].to_s)}/groups/#{URI.encode_uri_component(params[:group_id].to_s)}/roles", + body: body, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + return if code.between?(200, 299) + + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + + # Unassign one or more roles from a specified group in the context of an organization. + # + # @param request_options [Hash] + # @param params [Auth0::Organizations::Groups::Roles::Types::DeleteOrganizationGroupRolesRequestContent] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :organization_id + # @option params [String] :group_id + # + # @return [untyped] + def delete(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + request_data = Auth0::Organizations::Groups::Roles::Types::DeleteOrganizationGroupRolesRequestContent.new(params).to_h + non_body_param_names = %w[organization_id group_id] + body = request_data.except(*non_body_param_names) + + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "DELETE", + path: "organizations/#{URI.encode_uri_component(params[:organization_id].to_s)}/groups/#{URI.encode_uri_component(params[:group_id].to_s)}/roles", + body: body, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + return if code.between?(200, 299) + + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + end + end +end diff --git a/lib/auth0/organizations/groups/roles/types/create_organization_group_roles_request_content.rb b/lib/auth0/organizations/groups/roles/types/create_organization_group_roles_request_content.rb new file mode 100644 index 00000000..7d0dc7b1 --- /dev/null +++ b/lib/auth0/organizations/groups/roles/types/create_organization_group_roles_request_content.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Groups + module Roles + module Types + class CreateOrganizationGroupRolesRequestContent < Internal::Types::Model + field :organization_id, -> { String }, optional: false, nullable: false + + field :group_id, -> { String }, optional: false, nullable: false + + field :roles, -> { Internal::Types::Array[String] }, optional: false, nullable: false + end + end + end + end + end +end diff --git a/lib/auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content.rb b/lib/auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content.rb new file mode 100644 index 00000000..77643dd0 --- /dev/null +++ b/lib/auth0/organizations/groups/roles/types/delete_organization_group_roles_request_content.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Groups + module Roles + module Types + class DeleteOrganizationGroupRolesRequestContent < Internal::Types::Model + field :organization_id, -> { String }, optional: false, nullable: false + + field :group_id, -> { String }, optional: false, nullable: false + + field :roles, -> { Internal::Types::Array[String] }, optional: false, nullable: false + end + end + end + end + end +end diff --git a/lib/auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters.rb b/lib/auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters.rb new file mode 100644 index 00000000..30a3265a --- /dev/null +++ b/lib/auth0/organizations/groups/roles/types/list_organization_group_roles_request_parameters.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Groups + module Roles + module Types + class ListOrganizationGroupRolesRequestParameters < Internal::Types::Model + field :organization_id, -> { String }, optional: false, nullable: false + + field :group_id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + end + end + end + end + end +end diff --git a/lib/auth0/organizations/groups/types/list_organization_groups_request_parameters.rb b/lib/auth0/organizations/groups/types/list_organization_groups_request_parameters.rb new file mode 100644 index 00000000..70addaaa --- /dev/null +++ b/lib/auth0/organizations/groups/types/list_organization_groups_request_parameters.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Groups + module Types + class ListOrganizationGroupsRequestParameters < Internal::Types::Model + field :organization_id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + end + end + end + end +end diff --git a/lib/auth0/organizations/invitations/client.rb b/lib/auth0/organizations/invitations/client.rb index 0b996165..fa370ee0 100644 --- a/lib/auth0/organizations/invitations/client.rb +++ b/lib/auth0/organizations/invitations/client.rb @@ -13,9 +13,8 @@ def initialize(client:) # Retrieve a detailed list of invitations sent to users for a specific Organization. The list includes details # such as inviter and invitee information, invitation URLs, and dates of creation and expiration. To learn more - # about Organization invitations, review Invite - # Organization Members. + # about Organization invitations, review [Invite Organization + # Members](https://auth0.com/docs/manage-users/organizations/configure-organizations/invite-members). # # @param request_options [Hash] # @param params [Hash] @@ -74,9 +73,9 @@ def list(request_options: {}, **params) end # Create a user invitation for a specific Organization. Upon creation, the listed user receives an email - # inviting them to join the Organization. To learn more about Organization invitations, review Invite - # Organization Members. + # inviting them to join the Organization. To learn more about Organization invitations, review [Invite + # Organization + # Members](https://auth0.com/docs/manage-users/organizations/configure-organizations/invite-members). # # @param request_options [Hash] # @param params [Auth0::Organizations::Invitations::Types::CreateOrganizationInvitationRequestContent] diff --git a/lib/auth0/organizations/members/client.rb b/lib/auth0/organizations/members/client.rb index 9213a220..c0535088 100644 --- a/lib/auth0/organizations/members/client.rb +++ b/lib/auth0/organizations/members/client.rb @@ -15,17 +15,10 @@ def initialize(client:) # This endpoint is subject to eventual consistency. New users may not be immediately included in the response # and deleted users may not be immediately removed from it. # - # + # - Use the `fields` parameter to optionally define the specific member details retrieved. If `fields` is left + # blank, all fields (except roles) are returned. + # - Member roles are not sent by default. Use `fields=roles` to retrieve the roles assigned to each listed + # member. To use this parameter, you must include the `read:organization_member_roles` scope in the token. # # This endpoint supports two types of pagination: # @@ -34,14 +27,13 @@ def initialize(client:) # # Checkpoint pagination must be used if you need to retrieve more than 1000 organization members. # - #

Checkpoint Pagination

+ # **Checkpoint Pagination** # # To search by checkpoint, use the following parameters: - from: Optional id from which to start selection. - # take: The total amount of entries to retrieve when using the from parameter. Defaults to 50. Note: The first - # time you call this endpoint using Checkpoint Pagination, you should omit the from parameter. If - # there are more results, a next value will be included in the response. You can use this for - # subsequent API calls. When next is no longer included in the response, this indicates there are - # no more pages remaining. + # time you call this endpoint using Checkpoint Pagination, you should omit the `from` parameter. If there are + # more results, a `next` value will be included in the response. You can use this for subsequent API calls. When + # `next` is no longer included in the response, this indicates there are no more pages remaining. # # @param request_options [Hash] # @param params [Hash] @@ -94,13 +86,13 @@ def list(request_options: {}, **params) end end - # Set one or more existing users as members of a specific Organization. + # Set one or more existing users as members of a specific + # [Organization](https://auth0.com/docs/manage-users/organizations). # # To add a user to an Organization through this action, the user must already exist in your tenant. If a user - # does not yet exist, you can invite them to - # create an account, manually create them through the Auth0 Dashboard, or use the Management API. + # does not yet exist, you can [invite them to create an + # account](https://auth0.com/docs/manage-users/organizations/configure-organizations/invite-members), manually + # create them through the Auth0 Dashboard, or use the Management API. # # @param request_options [Hash] # @param params [Auth0::Organizations::Members::Types::CreateOrganizationMemberRequestContent] @@ -172,6 +164,11 @@ def delete(request_options: {}, **params) raise error_class.new(response.body, code: code) end + # @return [Auth0::EffectiveRoles::Client] + def effective_roles + @effective_roles ||= Auth0::Organizations::Members::EffectiveRoles::Client.new(client: @client) + end + # @return [Auth0::Roles::Client] def roles @roles ||= Auth0::Organizations::Members::Roles::Client.new(client: @client) diff --git a/lib/auth0/organizations/members/effective_roles/client.rb b/lib/auth0/organizations/members/effective_roles/client.rb new file mode 100644 index 00000000..f37cdd2d --- /dev/null +++ b/lib/auth0/organizations/members/effective_roles/client.rb @@ -0,0 +1,73 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Members + module EffectiveRoles + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Lists the roles assigned to an organization member directly or through group membership. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # @option params [String] :user_id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # + # @return [Auth0::Types::ListOrganizationMemberEffectiveRolesResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :roles, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "organizations/#{URI.encode_uri_component(params[:id].to_s)}/members/#{URI.encode_uri_component(params[:user_id].to_s)}/effective-roles", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListOrganizationMemberEffectiveRolesResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + + # @return [Auth0::Sources::Client] + def sources + @sources ||= Auth0::Organizations::Members::EffectiveRoles::Sources::Client.new(client: @client) + end + end + end + end + end +end diff --git a/lib/auth0/organizations/members/effective_roles/sources/client.rb b/lib/auth0/organizations/members/effective_roles/sources/client.rb new file mode 100644 index 00000000..70b51f78 --- /dev/null +++ b/lib/auth0/organizations/members/effective_roles/sources/client.rb @@ -0,0 +1,25 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Members + module EffectiveRoles + module Sources + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # @return [Auth0::Groups::Client] + def groups + @groups ||= Auth0::Organizations::Members::EffectiveRoles::Sources::Groups::Client.new(client: @client) + end + end + end + end + end + end +end diff --git a/lib/auth0/organizations/members/effective_roles/sources/groups/client.rb b/lib/auth0/organizations/members/effective_roles/sources/groups/client.rb new file mode 100644 index 00000000..9fd2ad46 --- /dev/null +++ b/lib/auth0/organizations/members/effective_roles/sources/groups/client.rb @@ -0,0 +1,74 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Members + module EffectiveRoles + module Sources + module Groups + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Lists the groups which grant the org member a given role. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # @option params [String] :user_id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # @option params [String] :role_id + # + # @return [Auth0::Types::ListOrganizationMemberRoleSourceGroupsResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + query_params["role_id"] = params[:role_id] if params.key?(:role_id) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :groups, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "organizations/#{URI.encode_uri_component(params[:id].to_s)}/members/#{URI.encode_uri_component(params[:user_id].to_s)}/effective-roles/sources/groups", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListOrganizationMemberRoleSourceGroupsResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + end + end + end + end + end + end +end diff --git a/lib/auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters.rb b/lib/auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters.rb new file mode 100644 index 00000000..bb363fe8 --- /dev/null +++ b/lib/auth0/organizations/members/effective_roles/sources/groups/types/list_organization_member_role_source_groups_request_parameters.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Members + module EffectiveRoles + module Sources + module Groups + module Types + class ListOrganizationMemberRoleSourceGroupsRequestParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :user_id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + + field :role_id, -> { String }, optional: false, nullable: false + end + end + end + end + end + end + end +end diff --git a/lib/auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters.rb b/lib/auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters.rb new file mode 100644 index 00000000..0905487b --- /dev/null +++ b/lib/auth0/organizations/members/effective_roles/types/list_organization_member_effective_roles_request_parameters.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +module Auth0 + module Organizations + module Members + module EffectiveRoles + module Types + class ListOrganizationMemberEffectiveRolesRequestParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :user_id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + end + end + end + end + end +end diff --git a/lib/auth0/organizations/members/roles/client.rb b/lib/auth0/organizations/members/roles/client.rb index ec26635c..e48f7e01 100644 --- a/lib/auth0/organizations/members/roles/client.rb +++ b/lib/auth0/organizations/members/roles/client.rb @@ -69,8 +69,8 @@ def list(request_options: {}, **params) end end - # Assign one or more roles to a user to - # determine their access for a specific Organization. + # Assign one or more [roles](https://auth0.com/docs/manage-users/access-control/rbac) to a user to determine + # their access for a specific Organization. # # Users can be members of multiple Organizations with unique roles assigned for each membership. This action # assigns roles to a user only for the specified Organization. Roles cannot be assigned to a user across @@ -112,8 +112,8 @@ def assign(request_options: {}, **params) raise error_class.new(response.body, code: code) end - # Remove one or more Organization-specific roles from a given user. + # Remove one or more Organization-specific [roles](https://auth0.com/docs/manage-users/access-control/rbac) + # from a given user. # # Users can be members of multiple Organizations with unique roles assigned for each membership. This action # removes roles from a user in relation to the specified Organization. Roles assigned to the user within a diff --git a/lib/auth0/roles/client.rb b/lib/auth0/roles/client.rb index 35380ab1..ca204291 100644 --- a/lib/auth0/roles/client.rb +++ b/lib/auth0/roles/client.rb @@ -12,7 +12,7 @@ def initialize(client:) # Retrieve detailed list of user roles created in your tenant. # - # Note: The returned list does not include standard roles available for tenant members, such as Admin or + # **Note**: The returned list does not include standard roles available for tenant members, such as Admin or # Support Access. # # @param request_options [Hash] @@ -66,11 +66,10 @@ def list(request_options: {}, **params) end end - # Create a user role for Role-Based Access - # Control. + # Create a user role for [Role-Based Access Control](https://auth0.com/docs/manage-users/access-control/rbac). # - # Note: New roles are not associated with any permissions by default. To assign existing permissions to - # your role, review Associate Permissions with a Role. To create new permissions, review Add API Permissions. + # **Note**: New roles are not associated with any permissions by default. To assign existing permissions to your + # role, review Associate Permissions with a Role. To create new permissions, review Add API Permissions. # # @param request_options [Hash] # @param params [Auth0::Roles::Types::CreateRoleRequestContent] @@ -104,8 +103,8 @@ def create(request_options: {}, **params) end end - # Retrieve details about a specific user - # role specified by ID. + # Retrieve details about a specific [user role](https://auth0.com/docs/manage-users/access-control/rbac) specified + # by ID. # # @param request_options [Hash] # @param params [Hash] @@ -139,9 +138,8 @@ def get(request_options: {}, **params) end end - # Delete a specific user role from your - # tenant. Once deleted, it is removed from any user who was previously assigned that role. This action cannot be - # undone. + # Delete a specific [user role](https://auth0.com/docs/manage-users/access-control/rbac) from your tenant. Once + # deleted, it is removed from any user who was previously assigned that role. This action cannot be undone. # # @param request_options [Hash] # @param params [Hash] @@ -173,8 +171,8 @@ def delete(request_options: {}, **params) raise error_class.new(response.body, code: code) end - # Modify the details of a specific user role - # specified by ID. + # Modify the details of a specific [user role](https://auth0.com/docs/manage-users/access-control/rbac) specified + # by ID. # # @param request_options [Hash] # @param params [Auth0::Roles::Types::UpdateRoleRequestContent] @@ -213,6 +211,11 @@ def update(request_options: {}, **params) end end + # @return [Auth0::Groups::Client] + def groups + @groups ||= Auth0::Roles::Groups::Client.new(client: @client) + end + # @return [Auth0::Permissions::Client] def permissions @permissions ||= Auth0::Roles::Permissions::Client.new(client: @client) diff --git a/lib/auth0/roles/groups/client.rb b/lib/auth0/roles/groups/client.rb new file mode 100644 index 00000000..b661dc33 --- /dev/null +++ b/lib/auth0/roles/groups/client.rb @@ -0,0 +1,139 @@ +# frozen_string_literal: true + +module Auth0 + module Roles + module Groups + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Lists the groups to which the specified role is assigned. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # + # @return [Auth0::Types::ListRoleGroupsResponseContent] + def get(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :groups, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "roles/#{URI.encode_uri_component(params[:id].to_s)}/groups", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListRoleGroupsResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + + # Assign one or more groups to a specified role. + # + # @param request_options [Hash] + # @param params [Auth0::Roles::Groups::Types::AssignRoleGroupsRequestContent] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # + # @return [untyped] + def create(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + request_data = Auth0::Roles::Groups::Types::AssignRoleGroupsRequestContent.new(params).to_h + non_body_param_names = %w[id] + body = request_data.except(*non_body_param_names) + + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "POST", + path: "roles/#{URI.encode_uri_component(params[:id].to_s)}/groups", + body: body, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + return if code.between?(200, 299) + + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + + # Unassign one or more groups from a specified role. + # + # @param request_options [Hash] + # @param params [Auth0::Roles::Groups::Types::DeleteRoleGroupsRequestContent] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # + # @return [untyped] + def delete(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + request_data = Auth0::Roles::Groups::Types::DeleteRoleGroupsRequestContent.new(params).to_h + non_body_param_names = %w[id] + body = request_data.except(*non_body_param_names) + + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "DELETE", + path: "roles/#{URI.encode_uri_component(params[:id].to_s)}/groups", + body: body, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + return if code.between?(200, 299) + + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + end +end diff --git a/lib/auth0/roles/groups/types/assign_role_groups_request_content.rb b/lib/auth0/roles/groups/types/assign_role_groups_request_content.rb new file mode 100644 index 00000000..68aa635b --- /dev/null +++ b/lib/auth0/roles/groups/types/assign_role_groups_request_content.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Auth0 + module Roles + module Groups + module Types + class AssignRoleGroupsRequestContent < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :groups, -> { Internal::Types::Array[String] }, optional: false, nullable: false + end + end + end + end +end diff --git a/lib/auth0/roles/groups/types/delete_role_groups_request_content.rb b/lib/auth0/roles/groups/types/delete_role_groups_request_content.rb new file mode 100644 index 00000000..cec08d47 --- /dev/null +++ b/lib/auth0/roles/groups/types/delete_role_groups_request_content.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Auth0 + module Roles + module Groups + module Types + class DeleteRoleGroupsRequestContent < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :groups, -> { Internal::Types::Array[String] }, optional: false, nullable: false + end + end + end + end +end diff --git a/lib/auth0/roles/groups/types/list_role_groups_parameters.rb b/lib/auth0/roles/groups/types/list_role_groups_parameters.rb new file mode 100644 index 00000000..f8113cb8 --- /dev/null +++ b/lib/auth0/roles/groups/types/list_role_groups_parameters.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +module Auth0 + module Roles + module Groups + module Types + class ListRoleGroupsParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + end + end + end + end +end diff --git a/lib/auth0/roles/permissions/client.rb b/lib/auth0/roles/permissions/client.rb index eb3133b6..1b5bedb5 100644 --- a/lib/auth0/roles/permissions/client.rb +++ b/lib/auth0/roles/permissions/client.rb @@ -63,9 +63,9 @@ def list(request_options: {}, **params) end end - # Add one or more permissions - # to a specified user role. + # Add one or more + # [permissions](https://auth0.com/docs/manage-users/access-control/configure-core-rbac/manage-permissions) to a + # specified user role. # # @param request_options [Hash] # @param params [Auth0::Roles::Permissions::Types::AddRolePermissionsRequestContent] @@ -102,9 +102,9 @@ def add(request_options: {}, **params) raise error_class.new(response.body, code: code) end - # Remove one or more permissions - # from a specified user role. + # Remove one or more + # [permissions](https://auth0.com/docs/manage-users/access-control/configure-core-rbac/manage-permissions) from + # a specified user role. # # @param request_options [Hash] # @param params [Auth0::Roles::Permissions::Types::DeleteRolePermissionsRequestContent] diff --git a/lib/auth0/roles/users/client.rb b/lib/auth0/roles/users/client.rb index 410c7e24..11628408 100644 --- a/lib/auth0/roles/users/client.rb +++ b/lib/auth0/roles/users/client.rb @@ -11,31 +11,27 @@ def initialize(client:) @client = client end - # Retrieve list of users associated with a specific role. For Dashboard instructions, review View - # Users Assigned to Roles. + # Retrieve list of users associated with a specific role. For Dashboard instructions, review [View Users + # Assigned to + # Roles](https://auth0.com/docs/manage-users/access-control/configure-core-rbac/roles/view-users-assigned-to-roles). # # This endpoint supports two types of pagination: - # + # + # - Offset pagination + # - Checkpoint pagination # # Checkpoint pagination must be used if you need to retrieve more than 1000 organization members. # - #

Checkpoint Pagination

+ # **Checkpoint Pagination** # # To search by checkpoint, use the following parameters: - # # - # Note: The first time you call this endpoint using checkpoint pagination, omit the from - # parameter. If there are more results, a next value is included in the response. You can use this - # for subsequent API calls. When next is no longer included in the response, no pages are - # remaining. + # - `from`: Optional id from which to start selection. + # - `take`: The total amount of entries to retrieve when using the from parameter. Defaults to 50. + # + # **Note**: The first time you call this endpoint using checkpoint pagination, omit the `from` parameter. If + # there are more results, a `next` value is included in the response. You can use this for subsequent API calls. + # When `next` is no longer included in the response, no pages are remaining. # # @param request_options [Hash] # @param params [Hash] @@ -84,10 +80,10 @@ def list(request_options: {}, **params) end end - # Assign one or more users to an existing user role. To learn more, review Role-Based Access Control. + # Assign one or more users to an existing user role. To learn more, review [Role-Based Access + # Control](https://auth0.com/docs/manage-users/access-control/rbac). # - # Note: New roles cannot be created through this action. + # **Note**: New roles cannot be created through this action. # # @param request_options [Hash] # @param params [Auth0::Roles::Users::Types::AssignRoleUsersRequestContent] diff --git a/lib/auth0/tenants/settings/types/update_tenant_settings_request_content.rb b/lib/auth0/tenants/settings/types/update_tenant_settings_request_content.rb index f3f2bb09..92739bfa 100644 --- a/lib/auth0/tenants/settings/types/update_tenant_settings_request_content.rb +++ b/lib/auth0/tenants/settings/types/update_tenant_settings_request_content.rb @@ -76,6 +76,8 @@ class UpdateTenantSettingsRequestContent < Internal::Types::Model field :phone_consolidated_experience, -> { Internal::Types::Boolean }, optional: true, nullable: false field :dynamic_client_registration_security_mode, -> { Auth0::Types::TenantSettingsDynamicClientRegistrationSecurityMode }, optional: true, nullable: false + + field :country_codes, -> { Auth0::Types::TenantSettingsCountryCodes }, optional: true, nullable: false end end end diff --git a/lib/auth0/token_exchange_profiles/client.rb b/lib/auth0/token_exchange_profiles/client.rb index b1e02c3f..d95fe3f1 100644 --- a/lib/auth0/token_exchange_profiles/client.rb +++ b/lib/auth0/token_exchange_profiles/client.rb @@ -12,21 +12,18 @@ def initialize(client:) # Retrieve a list of all Token Exchange Profiles available in your tenant. # - # By using this feature, you agree to the applicable Free Trial terms in Okta’s Master Subscription Agreement. It is your responsibility to - # securely validate the user’s subject_token. See User Guide for more details. + # By using this feature, you agree to the applicable Free Trial terms in [Okta’s Master Subscription + # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user’s + # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details. # # This endpoint supports Checkpoint pagination. To search by checkpoint, use the following parameters: - # # - # Note: The first time you call this endpoint using checkpoint pagination, omit the from - # parameter. If there are more results, a next value is included in the response. You can use this - # for subsequent API calls. When next is no longer included in the response, no pages are remaining. + # - `from`: Optional id from which to start selection. + # - `take`: The total amount of entries to retrieve when using the from parameter. Defaults to 50. + # + # **Note**: The first time you call this endpoint using checkpoint pagination, omit the `from` parameter. If there + # are more results, a `next` value is included in the response. You can use this for subsequent API calls. When + # `next` is no longer included in the response, no pages are remaining. # # @param request_options [Hash] # @param params [Hash] @@ -76,10 +73,9 @@ def list(request_options: {}, **params) # Create a new Token Exchange Profile within your tenant. # - # By using this feature, you agree to the applicable Free Trial terms in Okta’s Master Subscription Agreement. It is your responsibility to - # securely validate the user’s subject_token. See User Guide for more details. + # By using this feature, you agree to the applicable Free Trial terms in [Okta’s Master Subscription + # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user’s + # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details. # # @param request_options [Hash] # @param params [Auth0::TokenExchangeProfiles::Types::CreateTokenExchangeProfileRequestContent] @@ -115,10 +111,9 @@ def create(request_options: {}, **params) # Retrieve details about a single Token Exchange Profile specified by ID. # - # By using this feature, you agree to the applicable Free Trial terms in Okta’s Master Subscription Agreement. It is your responsibility to - # securely validate the user’s subject_token. See User Guide for more details. + # By using this feature, you agree to the applicable Free Trial terms in [Okta’s Master Subscription + # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user’s + # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details. # # @param request_options [Hash] # @param params [Hash] @@ -154,11 +149,9 @@ def get(request_options: {}, **params) # Delete a Token Exchange Profile within your tenant. # - # By using this feature, you agree to the applicable Free Trial terms in Okta's Master Subscription Agreement. It is your responsibility to - # securely validate the user's subject_token. See User Guide for more details. - # + # By using this feature, you agree to the applicable Free Trial terms in [Okta's Master Subscription + # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user's + # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details. # # @param request_options [Hash] # @param params [Hash] @@ -192,11 +185,9 @@ def delete(request_options: {}, **params) # Update a Token Exchange Profile within your tenant. # - # By using this feature, you agree to the applicable Free Trial terms in Okta's Master Subscription Agreement. It is your responsibility to - # securely validate the user's subject_token. See User Guide for more details. - # + # By using this feature, you agree to the applicable Free Trial terms in [Okta's Master Subscription + # Agreement](https://www.okta.com/legal/). It is your responsibility to securely validate the user's + # subject_token. See [User Guide](https://auth0.com/docs/authenticate/custom-token-exchange) for more details. # # @param request_options [Hash] # @param params [Auth0::TokenExchangeProfiles::Types::UpdateTokenExchangeProfileRequestContent] diff --git a/lib/auth0/types/client_external_metadata_type_enum.rb b/lib/auth0/types/client_external_metadata_type_enum.rb index 02cdb36d..0e09fa6b 100644 --- a/lib/auth0/types/client_external_metadata_type_enum.rb +++ b/lib/auth0/types/client_external_metadata_type_enum.rb @@ -6,6 +6,7 @@ module ClientExternalMetadataTypeEnum extend Auth0::Internal::Types::Enum CIMD = "cimd" + DCR = "dcr" end end end diff --git a/lib/auth0/types/connection_properties_options.rb b/lib/auth0/types/connection_properties_options.rb index ad722044..553eb44a 100644 --- a/lib/auth0/types/connection_properties_options.rb +++ b/lib/auth0/types/connection_properties_options.rb @@ -70,6 +70,8 @@ class ConnectionPropertiesOptions < Internal::Types::Model field :id_token_signed_response_algs, -> { Internal::Types::Array[Auth0::Types::ConnectionIDTokenSignedResponseAlgEnum] }, optional: true, nullable: false + field :dpop_signing_alg, -> { Auth0::Types::ConnectionDpopSigningAlgEnum }, optional: true, nullable: false + field :token_endpoint_auth_method, -> { Auth0::Types::ConnectionTokenEndpointAuthMethodEnum }, optional: true, nullable: false field :token_endpoint_auth_signing_alg, -> { Auth0::Types::ConnectionTokenEndpointAuthSigningAlgEnum }, optional: true, nullable: false diff --git a/lib/auth0/types/get_tenant_settings_response_content.rb b/lib/auth0/types/get_tenant_settings_response_content.rb index af213fcc..060e2ff0 100644 --- a/lib/auth0/types/get_tenant_settings_response_content.rb +++ b/lib/auth0/types/get_tenant_settings_response_content.rb @@ -76,6 +76,8 @@ class GetTenantSettingsResponseContent < Internal::Types::Model field :enable_ai_guide, -> { Internal::Types::Boolean }, optional: true, nullable: false field :dynamic_client_registration_security_mode, -> { Auth0::Types::TenantSettingsDynamicClientRegistrationSecurityMode }, optional: true, nullable: false + + field :country_codes, -> { Auth0::Types::TenantSettingsCountryCodesResponse }, optional: true, nullable: false end end end diff --git a/lib/auth0/types/list_group_roles_response_content.rb b/lib/auth0/types/list_group_roles_response_content.rb new file mode 100644 index 00000000..6496f976 --- /dev/null +++ b/lib/auth0/types/list_group_roles_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListGroupRolesResponseContent < Internal::Types::Model + field :roles, -> { Internal::Types::Array[Auth0::Types::Role] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_organization_group_roles_response_content.rb b/lib/auth0/types/list_organization_group_roles_response_content.rb new file mode 100644 index 00000000..81d0a884 --- /dev/null +++ b/lib/auth0/types/list_organization_group_roles_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListOrganizationGroupRolesResponseContent < Internal::Types::Model + field :roles, -> { Internal::Types::Array[Auth0::Types::Role] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_organization_groups_response_content.rb b/lib/auth0/types/list_organization_groups_response_content.rb new file mode 100644 index 00000000..ac197504 --- /dev/null +++ b/lib/auth0/types/list_organization_groups_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListOrganizationGroupsResponseContent < Internal::Types::Model + field :groups, -> { Internal::Types::Array[Auth0::Types::Group] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_organization_member_effective_roles_response_content.rb b/lib/auth0/types/list_organization_member_effective_roles_response_content.rb new file mode 100644 index 00000000..c8d4b1db --- /dev/null +++ b/lib/auth0/types/list_organization_member_effective_roles_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListOrganizationMemberEffectiveRolesResponseContent < Internal::Types::Model + field :roles, -> { Internal::Types::Array[Auth0::Types::OrganizationMemberEffectiveRole] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_organization_member_role_source_groups_response_content.rb b/lib/auth0/types/list_organization_member_role_source_groups_response_content.rb new file mode 100644 index 00000000..bf1a2e7a --- /dev/null +++ b/lib/auth0/types/list_organization_member_role_source_groups_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListOrganizationMemberRoleSourceGroupsResponseContent < Internal::Types::Model + field :groups, -> { Internal::Types::Array[Auth0::Types::Group] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_role_groups_response_content.rb b/lib/auth0/types/list_role_groups_response_content.rb new file mode 100644 index 00000000..20613539 --- /dev/null +++ b/lib/auth0/types/list_role_groups_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListRoleGroupsResponseContent < Internal::Types::Model + field :groups, -> { Internal::Types::Array[Auth0::Types::Group] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_user_effective_permission_role_sources_response_content.rb b/lib/auth0/types/list_user_effective_permission_role_sources_response_content.rb new file mode 100644 index 00000000..0dc5ad3d --- /dev/null +++ b/lib/auth0/types/list_user_effective_permission_role_sources_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListUserEffectivePermissionRoleSourcesResponseContent < Internal::Types::Model + field :roles, -> { Internal::Types::Array[Auth0::Types::UserEffectivePermissionRoleSourceResponseContent] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_user_effective_permissions_response_content.rb b/lib/auth0/types/list_user_effective_permissions_response_content.rb new file mode 100644 index 00000000..d8e51248 --- /dev/null +++ b/lib/auth0/types/list_user_effective_permissions_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListUserEffectivePermissionsResponseContent < Internal::Types::Model + field :permissions, -> { Internal::Types::Array[Auth0::Types::UserEffectivePermissionResponseContent] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_user_effective_roles_response_content.rb b/lib/auth0/types/list_user_effective_roles_response_content.rb new file mode 100644 index 00000000..b198bbc5 --- /dev/null +++ b/lib/auth0/types/list_user_effective_roles_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListUserEffectiveRolesResponseContent < Internal::Types::Model + field :roles, -> { Internal::Types::Array[Auth0::Types::UserEffectiveRole] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/list_user_role_source_groups_response_content.rb b/lib/auth0/types/list_user_role_source_groups_response_content.rb new file mode 100644 index 00000000..c1a20628 --- /dev/null +++ b/lib/auth0/types/list_user_role_source_groups_response_content.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class ListUserRoleSourceGroupsResponseContent < Internal::Types::Model + field :groups, -> { Internal::Types::Array[Auth0::Types::Group] }, optional: false, nullable: false + + field :next_, -> { String }, optional: true, nullable: false, api_name: "next" + end + end +end diff --git a/lib/auth0/types/oauth_scope.rb b/lib/auth0/types/oauth_scope.rb index 74fbcfe1..c559e595 100644 --- a/lib/auth0/types/oauth_scope.rb +++ b/lib/auth0/types/oauth_scope.rb @@ -104,6 +104,9 @@ module OauthScope READ_GRANTS = "read:grants" DELETE_GRANTS = "delete:grants" READ_GROUP_MEMBERS = "read:group_members" + CREATE_GROUP_ROLES = "create:group_roles" + READ_GROUP_ROLES = "read:group_roles" + DELETE_GROUP_ROLES = "delete:group_roles" READ_GROUPS = "read:groups" DELETE_GROUPS = "delete:groups" CREATE_GUARDIAN_ENROLLMENT_TICKETS = "create:guardian_enrollment_tickets" @@ -138,9 +141,15 @@ module OauthScope READ_ORGANIZATION_DISCOVERY_DOMAINS = "read:organization_discovery_domains" UPDATE_ORGANIZATION_DISCOVERY_DOMAINS = "update:organization_discovery_domains" DELETE_ORGANIZATION_DISCOVERY_DOMAINS = "delete:organization_discovery_domains" + CREATE_ORGANIZATION_GROUP_ROLES = "create:organization_group_roles" + READ_ORGANIZATION_GROUP_ROLES = "read:organization_group_roles" + DELETE_ORGANIZATION_GROUP_ROLES = "delete:organization_group_roles" + READ_ORGANIZATION_GROUPS = "read:organization_groups" CREATE_ORGANIZATION_INVITATIONS = "create:organization_invitations" READ_ORGANIZATION_INVITATIONS = "read:organization_invitations" DELETE_ORGANIZATION_INVITATIONS = "delete:organization_invitations" + READ_ORGANIZATION_MEMBER_EFFECTIVE_ROLES = "read:organization_member_effective_roles" + READ_ORGANIZATION_MEMBER_ROLE_SOURCE_GROUPS = "read:organization_member_role_source_groups" CREATE_ORGANIZATION_MEMBER_ROLES = "create:organization_member_roles" READ_ORGANIZATION_MEMBER_ROLES = "read:organization_member_roles" DELETE_ORGANIZATION_MEMBER_ROLES = "delete:organization_member_roles" @@ -219,7 +228,11 @@ module OauthScope READ_USER_ATTRIBUTE_PROFILES = "read:user_attribute_profiles" UPDATE_USER_ATTRIBUTE_PROFILES = "update:user_attribute_profiles" DELETE_USER_ATTRIBUTE_PROFILES = "delete:user_attribute_profiles" + READ_USER_EFFECTIVE_PERMISSIONS = "read:user_effective_permissions" + READ_USER_EFFECTIVE_ROLES = "read:user_effective_roles" READ_USER_IDP_TOKENS = "read:user_idp_tokens" + READ_USER_PERMISSION_SOURCE_ROLES = "read:user_permission_source_roles" + READ_USER_ROLE_SOURCE_GROUPS = "read:user_role_source_groups" CREATE_USER_TICKETS = "create:user_tickets" CREATE_USERS = "create:users" READ_USERS = "read:users" diff --git a/lib/auth0/types/organization_member_effective_role.rb b/lib/auth0/types/organization_member_effective_role.rb new file mode 100644 index 00000000..6cb8579a --- /dev/null +++ b/lib/auth0/types/organization_member_effective_role.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class OrganizationMemberEffectiveRole < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :name, -> { String }, optional: false, nullable: false + + field :description, -> { String }, optional: false, nullable: false + + field :sources, -> { Internal::Types::Array[Auth0::Types::OrganizationMemberEffectiveRoleSource] }, optional: false, nullable: false + end + end +end diff --git a/lib/auth0/types/organization_member_effective_role_source.rb b/lib/auth0/types/organization_member_effective_role_source.rb new file mode 100644 index 00000000..a369248f --- /dev/null +++ b/lib/auth0/types/organization_member_effective_role_source.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Auth0 + module Types + module OrganizationMemberEffectiveRoleSource + extend Auth0::Internal::Types::Enum + + DIRECT = "direct" + GROUPS = "groups" + end + end +end diff --git a/lib/auth0/types/tenant_settings_country_codes.rb b/lib/auth0/types/tenant_settings_country_codes.rb new file mode 100644 index 00000000..b73410b5 --- /dev/null +++ b/lib/auth0/types/tenant_settings_country_codes.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Auth0 + module Types + # Phone country code configuration for identifier input. + class TenantSettingsCountryCodes < Internal::Types::Model + field :list, -> { Internal::Types::Array[String] }, optional: true, nullable: false + + field :mode, -> { Auth0::Types::TenantSettingsCountryCodesMode }, optional: true, nullable: false + end + end +end diff --git a/lib/auth0/types/tenant_settings_country_codes_mode.rb b/lib/auth0/types/tenant_settings_country_codes_mode.rb new file mode 100644 index 00000000..2f68c143 --- /dev/null +++ b/lib/auth0/types/tenant_settings_country_codes_mode.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Auth0 + module Types + module TenantSettingsCountryCodesMode + extend Auth0::Internal::Types::Enum + + ALLOW = "allow" + DENY = "deny" + end + end +end diff --git a/lib/auth0/types/tenant_settings_country_codes_mode_response.rb b/lib/auth0/types/tenant_settings_country_codes_mode_response.rb new file mode 100644 index 00000000..4e2f792a --- /dev/null +++ b/lib/auth0/types/tenant_settings_country_codes_mode_response.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Auth0 + module Types + module TenantSettingsCountryCodesModeResponse + extend Auth0::Internal::Types::Enum + + ALLOW = "allow" + DENY = "deny" + end + end +end diff --git a/lib/auth0/types/tenant_settings_country_codes_response.rb b/lib/auth0/types/tenant_settings_country_codes_response.rb new file mode 100644 index 00000000..9c993572 --- /dev/null +++ b/lib/auth0/types/tenant_settings_country_codes_response.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Auth0 + module Types + # Phone country code configuration for identifier input. + class TenantSettingsCountryCodesResponse < Internal::Types::Model + field :list, -> { Internal::Types::Array[String] }, optional: true, nullable: false + + field :mode, -> { Auth0::Types::TenantSettingsCountryCodesModeResponse }, optional: true, nullable: false + end + end +end diff --git a/lib/auth0/types/update_connection_options.rb b/lib/auth0/types/update_connection_options.rb index 672c6b79..e5ee5ebb 100644 --- a/lib/auth0/types/update_connection_options.rb +++ b/lib/auth0/types/update_connection_options.rb @@ -73,6 +73,8 @@ class UpdateConnectionOptions < Internal::Types::Model field :id_token_signed_response_algs, -> { Internal::Types::Array[Auth0::Types::ConnectionIDTokenSignedResponseAlgEnum] }, optional: true, nullable: false + field :dpop_signing_alg, -> { Auth0::Types::ConnectionDpopSigningAlgEnum }, optional: true, nullable: false + field :token_endpoint_auth_method, -> { Auth0::Types::ConnectionTokenEndpointAuthMethodEnum }, optional: true, nullable: false field :token_endpoint_auth_signing_alg, -> { Auth0::Types::ConnectionTokenEndpointAuthSigningAlgEnum }, optional: true, nullable: false diff --git a/lib/auth0/types/update_tenant_settings_response_content.rb b/lib/auth0/types/update_tenant_settings_response_content.rb index 6a155a83..09a6105f 100644 --- a/lib/auth0/types/update_tenant_settings_response_content.rb +++ b/lib/auth0/types/update_tenant_settings_response_content.rb @@ -76,6 +76,8 @@ class UpdateTenantSettingsResponseContent < Internal::Types::Model field :enable_ai_guide, -> { Internal::Types::Boolean }, optional: true, nullable: false field :dynamic_client_registration_security_mode, -> { Auth0::Types::TenantSettingsDynamicClientRegistrationSecurityMode }, optional: true, nullable: false + + field :country_codes, -> { Auth0::Types::TenantSettingsCountryCodesResponse }, optional: true, nullable: false end end end diff --git a/lib/auth0/types/user_effective_permission_response_content.rb b/lib/auth0/types/user_effective_permission_response_content.rb new file mode 100644 index 00000000..f8eaf9eb --- /dev/null +++ b/lib/auth0/types/user_effective_permission_response_content.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class UserEffectivePermissionResponseContent < Internal::Types::Model + field :resource_server_identifier, -> { String }, optional: true, nullable: false + + field :permission_name, -> { String }, optional: true, nullable: false + + field :resource_server_name, -> { String }, optional: true, nullable: false + + field :description, -> { String }, optional: true, nullable: false + + field :sources, -> { Internal::Types::Array[Auth0::Types::UserEffectivePermissionSourceEnum] }, optional: true, nullable: false + end + end +end diff --git a/lib/auth0/types/user_effective_permission_role_source_enum.rb b/lib/auth0/types/user_effective_permission_role_source_enum.rb new file mode 100644 index 00000000..7046ccb5 --- /dev/null +++ b/lib/auth0/types/user_effective_permission_role_source_enum.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Auth0 + module Types + module UserEffectivePermissionRoleSourceEnum + extend Auth0::Internal::Types::Enum + + DIRECT = "direct" + GROUPS = "groups" + end + end +end diff --git a/lib/auth0/types/user_effective_permission_role_source_response_content.rb b/lib/auth0/types/user_effective_permission_role_source_response_content.rb new file mode 100644 index 00000000..7a78d47a --- /dev/null +++ b/lib/auth0/types/user_effective_permission_role_source_response_content.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class UserEffectivePermissionRoleSourceResponseContent < Internal::Types::Model + field :id, -> { String }, optional: true, nullable: false + + field :name, -> { String }, optional: true, nullable: false + + field :description, -> { String }, optional: true, nullable: false + + field :sources, -> { Internal::Types::Array[Auth0::Types::UserEffectivePermissionRoleSourceEnum] }, optional: true, nullable: false + end + end +end diff --git a/lib/auth0/types/user_effective_permission_source_enum.rb b/lib/auth0/types/user_effective_permission_source_enum.rb new file mode 100644 index 00000000..fe21ed72 --- /dev/null +++ b/lib/auth0/types/user_effective_permission_source_enum.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Auth0 + module Types + module UserEffectivePermissionSourceEnum + extend Auth0::Internal::Types::Enum + + DIRECT = "direct" + ROLES = "roles" + end + end +end diff --git a/lib/auth0/types/user_effective_role.rb b/lib/auth0/types/user_effective_role.rb new file mode 100644 index 00000000..949e2752 --- /dev/null +++ b/lib/auth0/types/user_effective_role.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Auth0 + module Types + class UserEffectiveRole < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :name, -> { String }, optional: false, nullable: false + + field :description, -> { String }, optional: false, nullable: false + + field :sources, -> { Internal::Types::Array[Auth0::Types::UserEffectiveRoleSource] }, optional: false, nullable: false + end + end +end diff --git a/lib/auth0/types/user_effective_role_source.rb b/lib/auth0/types/user_effective_role_source.rb new file mode 100644 index 00000000..ce33f929 --- /dev/null +++ b/lib/auth0/types/user_effective_role_source.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +module Auth0 + module Types + module UserEffectiveRoleSource + extend Auth0::Internal::Types::Enum + + DIRECT = "direct" + GROUPS = "groups" + end + end +end diff --git a/lib/auth0/user_attribute_profiles/client.rb b/lib/auth0/user_attribute_profiles/client.rb index c8644431..725272f5 100644 --- a/lib/auth0/user_attribute_profiles/client.rb +++ b/lib/auth0/user_attribute_profiles/client.rb @@ -58,7 +58,7 @@ def list(request_options: {}, **params) end end - # Create a User Attribute Profile + # Create a User Attribute Profile. # # @param request_options [Hash] # @param params [Auth0::UserAttributeProfiles::Types::CreateUserAttributeProfileRequestContent] diff --git a/lib/auth0/user_blocks/client.rb b/lib/auth0/user_blocks/client.rb index c90b0dd1..5f3e111b 100644 --- a/lib/auth0/user_blocks/client.rb +++ b/lib/auth0/user_blocks/client.rb @@ -10,9 +10,9 @@ def initialize(client:) @client = client end - # Retrieve details of all Brute-force Protection blocks - # for a user with the given identifier (username, phone number, or email). + # Retrieve details of all [Brute-force + # Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection) blocks for a user with the + # given identifier (username, phone number, or email). # # @param request_options [Hash] # @param params [Hash] @@ -52,11 +52,11 @@ def list_by_identifier(request_options: {}, **params) end end - # Remove all Brute-force - # Protection blocks for the user with the given identifier (username, phone number, or email). + # Remove all [Brute-force Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection) + # blocks for the user with the given identifier (username, phone number, or email). # - # Note: This endpoint does not unblock users that were blocked by a tenant administrator. + # Note: This endpoint does not unblock users that were [blocked by a tenant + # administrator](https://auth0.com/docs/user-profile#block-and-unblock-a-user). # # @param request_options [Hash] # @param params [Hash] @@ -92,9 +92,9 @@ def delete_by_identifier(request_options: {}, **params) raise error_class.new(response.body, code: code) end - # Retrieve details of all Brute-force Protection blocks - # for the user with the given ID. + # Retrieve details of all [Brute-force + # Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection) blocks for the user with the + # given ID. # # @param request_options [Hash] # @param params [Hash] @@ -133,11 +133,11 @@ def list(request_options: {}, **params) end end - # Remove all Brute-force - # Protection blocks for the user with the given ID. + # Remove all [Brute-force Protection](https://auth0.com/docs/secure/attack-protection/brute-force-protection) + # blocks for the user with the given ID. # - # Note: This endpoint does not unblock users that were blocked by a tenant administrator. + # Note: This endpoint does not unblock users that were [blocked by a tenant + # administrator](https://auth0.com/docs/user-profile#block-and-unblock-a-user). # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/user_grants/client.rb b/lib/auth0/user_grants/client.rb index a0bc4068..7ad57892 100644 --- a/lib/auth0/user_grants/client.rb +++ b/lib/auth0/user_grants/client.rb @@ -10,8 +10,7 @@ def initialize(client:) @client = client end - # Retrieve the grants associated with your - # account. + # Retrieve the [grants](https://auth0.com/docs/api-auth/which-oauth-flow-to-use) associated with your account. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/users/authenticators/client.rb b/lib/auth0/users/authenticators/client.rb index 9c9aa6c1..2b3ebb47 100644 --- a/lib/auth0/users/authenticators/client.rb +++ b/lib/auth0/users/authenticators/client.rb @@ -12,9 +12,8 @@ def initialize(client:) end # Remove all authenticators registered to a given user ID, such as OTP, email, phone, and push-notification. - # This action cannot be undone. For more information, review Manage - # Authentication Methods with Management API. + # This action cannot be undone. For more information, review [Manage Authentication Methods with Management + # API](https://auth0.com/docs/secure/multi-factor-authentication/manage-mfa-auth0-apis/manage-authentication-methods-with-management-api). # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/users/client.rb b/lib/auth0/users/client.rb index a4adc6b7..b1d4bacb 100644 --- a/lib/auth0/users/client.rb +++ b/lib/auth0/users/client.rb @@ -16,18 +16,22 @@ def initialize(client:) # - Sort the users to be returned # - Select the fields to be returned # - Specify the number of users to retrieve per page and the page index - # - # The q query parameter can be used to get users that match the specified criteria using query string syntax. # - # Learn more about searching for users. # - # Read about best practices when working with the - # API endpoints for retrieving users. + # + # The `q` query parameter can be used to get users that match the specified criteria [using query string + # syntax.](https://auth0.com/docs/users/search/v3/query-syntax) + # + # [Learn more about searching for users.](https://auth0.com/docs/users/search/v3) + # + # Read about [best practices](https://auth0.com/docs/users/search/best-practices) when working with the API + # endpoints for retrieving users. + # + # # # Auth0 limits the number of users you can return. If you exceed this threshold, please redefine your search, use - # the export job, or the User Import / Export extension. + # the [export job](https://auth0.com/docs/api/management/v2#!/Jobs/post_users_exports), or the [User Import / + # Export](https://auth0.com/docs/extensions/user-import-export) extension. # # @param request_options [Hash] # @param params [Hash] @@ -92,11 +96,11 @@ def list(request_options: {}, **params) end end - # Create a new user for a given database or passwordless connection. + # Create a new user for a given [database](https://auth0.com/docs/connections/database) or + # [passwordless](https://auth0.com/docs/connections/passwordless) connection. # - # Note: connection is required but other parameters such as email and - # password are dependent upon the type of connection. + # Note: `connection` is required but other parameters such as `email` and `password` are dependent upon the type + # of connection. # # @param request_options [Hash] # @param params [Auth0::Users::Types::CreateUserRequestContent] @@ -178,8 +182,8 @@ def list_users_by_email(request_options: {}, **params) end # Retrieve user details. A list of fields to include or exclude may also be specified. For more information, see - # Retrieve Users - # with the Get Users Endpoint. + # [Retrieve Users with the Get Users + # Endpoint](https://auth0.com/docs/manage-users/user-search/retrieve-users-with-get-users-endpoint). # # @param request_options [Hash] # @param params [Hash] @@ -220,8 +224,8 @@ def get(request_options: {}, **params) end end - # Delete a user by user ID. This action cannot be undone. For Auth0 Dashboard instructions, see Delete Users. + # Delete a user by user ID. This action cannot be undone. For Auth0 Dashboard instructions, see [Delete + # Users](https://auth0.com/docs/manage-users/user-accounts/delete-users). # # @param request_options [Hash] # @param params [Hash] @@ -257,75 +261,90 @@ def delete(request_options: {}, **params) # # These are the attributes that can be updated at the root level: # - # + # - app_metadata + # - blocked + # - email + # - email_verified + # - family_name + # - given_name + # - name + # - nickname + # - password + # - phone_number + # - phone_verified + # - picture + # - username + # - user_metadata + # - verify_email # # Some considerations: - # - # - #
Updating a field (non-metadata property)
+ # + # - The properties of the new object will replace the old ones. + # - The metadata fields are an exception to this rule (`user_metadata` and `app_metadata`). These properties are + # merged instead of being replaced but be careful, the merge only occurs on the first level. + # - If you are updating `email`, `email_verified`, `phone_number`, `phone_verified`, `username` or `password` of a + # secondary identity, you need to specify the `connection` property too. + # - If you are updating `email` or `phone_number` you can specify, optionally, the `client_id` property. + # - Updating `email_verified` is not supported for enterprise and passwordless sms connections. + # - Updating the `blocked` to `false` does not affect the user's blocked state from an excessive amount of + # incorrectly provided credentials. Use the "Unblock a user" endpoint from the "User Blocks" API to change the + # user's state. + # - Supported attributes can be unset by supplying `null` as the value. + # + # **Updating a field (non-metadata property)** + # # To mark the email address of a user as verified, the body to send should be: - # 
{ "email_verified": true }
# - #
Updating a user metadata root property
Let's assume that our test user has the following - # user_metadata: - # 
{ "user_metadata" : { "profileCode": 1479 } }
+ # ```json + # { "email_verified": true } + # ``` + # + # **Updating a user metadata root property** + # + # Let's assume that our test user has the following `user_metadata`: # - # To add the field addresses the body to send should be: - # 
{ "user_metadata" : { "addresses": {"work_address": "100 Industrial Way"} }}
+ # ```json + # { "user_metadata" : { "profileCode": 1479 } } + # ``` # - # The modified object ends up with the following user_metadata property:
{
+      # To add the field `addresses` the body to send should be:
+      #
+      # ```json
+      # { "user_metadata" : { "addresses": {"work_address": "100 Industrial Way"} }}
+      # ```
+      #
+      # The modified object ends up with the following `user_metadata` property:
+      #
+      # ```json
+      # {
       #   "user_metadata": {
       #     "profileCode": 1479,
       #     "addresses": { "work_address": "100 Industrial Way" }
       #   }
-      # }
+ # } + # ``` + # + # **Updating an inner user metadata property** + # + # If there's existing user metadata to which we want to add `"home_address": "742 Evergreen Terrace"` (using the + # `addresses` property) we should send the whole `addresses` object. Since this is a first-level object, the + # object will be merged in, but its own properties will not be. The body to send should be: # - #
Updating an inner user metadata property
If there's existing user metadata to which we want to add - # "home_address": "742 Evergreen Terrace" (using the addresses property) we should send - # the whole addresses object. Since this is a first-level object, the object will be merged in, but - # its own properties will not be. The body to send should be: - # 
{
+      # ```json
+      # {
       #   "user_metadata": {
       #     "addresses": {
       #       "work_address": "100 Industrial Way",
       #       "home_address": "742 Evergreen Terrace"
       #     }
       #   }
-      # }
+ # } + # ``` # - # The modified object ends up with the following user_metadata property: - # 
{
+      # The modified object ends up with the following `user_metadata` property:
+      #
+      # ```json
+      # {
       #   "user_metadata": {
       #     "profileCode": 1479,
       #     "addresses": {
@@ -333,7 +352,8 @@ def delete(request_options: {}, **params)
       #       "home_address": "742 Evergreen Terrace"
       #     }
       #   }
-      # }
+ # } + # ``` # # @param request_options [Hash] # @param params [Auth0::Users::Types::UpdateUserRequestContent] @@ -372,10 +392,10 @@ def update(request_options: {}, **params) end end - # Remove an existing multi-factor authentication (MFA) recovery code and generate a - # new one. If a user cannot access the original device or account used for MFA enrollment, they can use a recovery - # code to authenticate. + # Remove an existing multi-factor authentication (MFA) [recovery + # code](https://auth0.com/docs/secure/multi-factor-authentication/reset-user-mfa) and generate a new one. If a + # user cannot access the original device or account used for MFA enrollment, they can use a recovery code to + # authenticate. # # @param request_options [Hash] # @param params [Hash] @@ -461,6 +481,16 @@ def connected_accounts @connected_accounts ||= Auth0::Users::ConnectedAccounts::Client.new(client: @client) end + # @return [Auth0::EffectivePermissions::Client] + def effective_permissions + @effective_permissions ||= Auth0::Users::EffectivePermissions::Client.new(client: @client) + end + + # @return [Auth0::EffectiveRoles::Client] + def effective_roles + @effective_roles ||= Auth0::Users::EffectiveRoles::Client.new(client: @client) + end + # @return [Auth0::Enrollments::Client] def enrollments @enrollments ||= Auth0::Users::Enrollments::Client.new(client: @client) diff --git a/lib/auth0/users/effective_permissions/client.rb b/lib/auth0/users/effective_permissions/client.rb new file mode 100644 index 00000000..23173a11 --- /dev/null +++ b/lib/auth0/users/effective_permissions/client.rb @@ -0,0 +1,73 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectivePermissions + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Returns the list of effective permissions for a user, taking into account permissions granted directly to the + # user, as well as those inherited through roles and group memberships. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # @option params [String] :resource_server_identifier + # + # @return [Auth0::Types::ListUserEffectivePermissionsResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + query_params["resource_server_identifier"] = params[:resource_server_identifier] if params.key?(:resource_server_identifier) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :permissions, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "users/#{URI.encode_uri_component(params[:id].to_s)}/effective-permissions", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListUserEffectivePermissionsResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + + # @return [Auth0::Sources::Client] + def sources + @sources ||= Auth0::Users::EffectivePermissions::Sources::Client.new(client: @client) + end + end + end + end +end diff --git a/lib/auth0/users/effective_permissions/sources/client.rb b/lib/auth0/users/effective_permissions/sources/client.rb new file mode 100644 index 00000000..f8136d26 --- /dev/null +++ b/lib/auth0/users/effective_permissions/sources/client.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectivePermissions + module Sources + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # @return [Auth0::Roles::Client] + def roles + @roles ||= Auth0::Users::EffectivePermissions::Sources::Roles::Client.new(client: @client) + end + end + end + end + end +end diff --git a/lib/auth0/users/effective_permissions/sources/roles/client.rb b/lib/auth0/users/effective_permissions/sources/roles/client.rb new file mode 100644 index 00000000..0607cc3e --- /dev/null +++ b/lib/auth0/users/effective_permissions/sources/roles/client.rb @@ -0,0 +1,74 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectivePermissions + module Sources + module Roles + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Lists the roles which grant the user a given permission, including roles assigned directly to the user and + # those inherited through group memberships. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # @option params [String] :resource_server_identifier + # @option params [String] :permission_name + # + # @return [Auth0::Types::ListUserEffectivePermissionRoleSourcesResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + query_params["resource_server_identifier"] = params[:resource_server_identifier] if params.key?(:resource_server_identifier) + query_params["permission_name"] = params[:permission_name] if params.key?(:permission_name) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :roles, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "users/#{URI.encode_uri_component(params[:id].to_s)}/effective-permissions/sources/effective-roles", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListUserEffectivePermissionRoleSourcesResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + end + end + end + end + end +end diff --git a/lib/auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters.rb b/lib/auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters.rb new file mode 100644 index 00000000..f67218a8 --- /dev/null +++ b/lib/auth0/users/effective_permissions/sources/roles/types/list_user_effective_permission_role_source_request_parameters.rb @@ -0,0 +1,25 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectivePermissions + module Sources + module Roles + module Types + class ListUserEffectivePermissionRoleSourceRequestParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + + field :resource_server_identifier, -> { String }, optional: false, nullable: false + + field :permission_name, -> { String }, optional: false, nullable: false + end + end + end + end + end + end +end diff --git a/lib/auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters.rb b/lib/auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters.rb new file mode 100644 index 00000000..4f374142 --- /dev/null +++ b/lib/auth0/users/effective_permissions/types/list_user_effective_permissions_request_parameters.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectivePermissions + module Types + class ListUserEffectivePermissionsRequestParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + + field :resource_server_identifier, -> { String }, optional: false, nullable: false + end + end + end + end +end diff --git a/lib/auth0/users/effective_roles/client.rb b/lib/auth0/users/effective_roles/client.rb new file mode 100644 index 00000000..fbcdaeb2 --- /dev/null +++ b/lib/auth0/users/effective_roles/client.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectiveRoles + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Retrieve detailed list of effective roles for a user, including roles assigned directly and through group + # memberships. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # + # @return [Auth0::Types::ListUserEffectiveRolesResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :roles, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "users/#{URI.encode_uri_component(params[:id].to_s)}/effective-roles", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListUserEffectiveRolesResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + + # @return [Auth0::Sources::Client] + def sources + @sources ||= Auth0::Users::EffectiveRoles::Sources::Client.new(client: @client) + end + end + end + end +end diff --git a/lib/auth0/users/effective_roles/sources/client.rb b/lib/auth0/users/effective_roles/sources/client.rb new file mode 100644 index 00000000..9980ff9f --- /dev/null +++ b/lib/auth0/users/effective_roles/sources/client.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectiveRoles + module Sources + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # @return [Auth0::Groups::Client] + def groups + @groups ||= Auth0::Users::EffectiveRoles::Sources::Groups::Client.new(client: @client) + end + end + end + end + end +end diff --git a/lib/auth0/users/effective_roles/sources/groups/client.rb b/lib/auth0/users/effective_roles/sources/groups/client.rb new file mode 100644 index 00000000..6e6369c5 --- /dev/null +++ b/lib/auth0/users/effective_roles/sources/groups/client.rb @@ -0,0 +1,71 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectiveRoles + module Sources + module Groups + class Client + # @param client [Auth0::Internal::Http::RawClient] + # + # @return [void] + def initialize(client:) + @client = client + end + + # Lists the groups that grant a user a specific role. + # + # @param request_options [Hash] + # @param params [Hash] + # @option request_options [String] :base_url + # @option request_options [Hash{String => Object}] :additional_headers + # @option request_options [Hash{String => Object}] :additional_query_parameters + # @option request_options [Hash{String => Object}] :additional_body_parameters + # @option request_options [Integer] :timeout_in_seconds + # @option params [String] :id + # @option params [String] :role_id + # @option params [String, nil] :from + # @option params [Integer, nil] :take + # + # @return [Auth0::Types::ListUserRoleSourceGroupsResponseContent] + def list(request_options: {}, **params) + params = Auth0::Internal::Types::Utils.normalize_keys(params) + query_params = {} + query_params["role_id"] = params[:role_id] if params.key?(:role_id) + query_params["from"] = params[:from] if params.key?(:from) + query_params["take"] = params.fetch(:take, 50) + + Auth0::Internal::CursorItemIterator.new( + cursor_field: :next_, + item_field: :groups, + initial_cursor: query_params["from"] + ) do |next_cursor| + query_params["from"] = next_cursor + request = Auth0::Internal::JSON::Request.new( + base_url: request_options[:base_url], + method: "GET", + path: "users/#{URI.encode_uri_component(params[:id].to_s)}/effective-roles/sources/groups", + query: query_params, + request_options: request_options + ) + begin + response = @client.send(request) + rescue Net::HTTPRequestTimeout + raise Auth0::Errors::TimeoutError + end + code = response.code.to_i + if code.between?(200, 299) + parsed_response = Auth0::Types::ListUserRoleSourceGroupsResponseContent.load(response.body) + [parsed_response, response] + else + error_class = Auth0::Errors::ResponseError.subclass_for_code(code) + raise error_class.new(response.body, code: code) + end + end + end + end + end + end + end + end +end diff --git a/lib/auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters.rb b/lib/auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters.rb new file mode 100644 index 00000000..6e72ae54 --- /dev/null +++ b/lib/auth0/users/effective_roles/sources/groups/types/list_user_role_source_groups_request_parameters.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectiveRoles + module Sources + module Groups + module Types + class ListUserRoleSourceGroupsRequestParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :role_id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + end + end + end + end + end + end +end diff --git a/lib/auth0/users/effective_roles/types/list_user_effective_roles_request_parameters.rb b/lib/auth0/users/effective_roles/types/list_user_effective_roles_request_parameters.rb new file mode 100644 index 00000000..3919e4dc --- /dev/null +++ b/lib/auth0/users/effective_roles/types/list_user_effective_roles_request_parameters.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +module Auth0 + module Users + module EffectiveRoles + module Types + class ListUserEffectiveRolesRequestParameters < Internal::Types::Model + field :id, -> { String }, optional: false, nullable: false + + field :from, -> { String }, optional: true, nullable: false + + field :take, -> { Integer }, optional: true, nullable: false + end + end + end + end +end diff --git a/lib/auth0/users/enrollments/client.rb b/lib/auth0/users/enrollments/client.rb index 996329b7..752bdd6f 100644 --- a/lib/auth0/users/enrollments/client.rb +++ b/lib/auth0/users/enrollments/client.rb @@ -11,9 +11,9 @@ def initialize(client:) @client = client end - # Retrieve the first multi-factor - # authentication enrollment that a specific user has confirmed. + # Retrieve the first [multi-factor + # authentication](https://auth0.com/docs/secure/multi-factor-authentication/multi-factor-authentication-factors) + # enrollment that a specific user has confirmed. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/users/identities/client.rb b/lib/auth0/users/identities/client.rb index 003cc24c..349df52f 100644 --- a/lib/auth0/users/identities/client.rb +++ b/lib/auth0/users/identities/client.rb @@ -16,34 +16,35 @@ def initialize(client:) # # Note: There are two ways of invoking the endpoint: # - # + # - With the authenticated primary account's JWT in the Authorization header, which has the + # `update:current_user_identities` scope: + # + # ```http + # POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities + # Authorization: "Bearer PRIMARY_ACCOUNT_JWT" + # { + # "link_with": "SECONDARY_ACCOUNT_JWT" + # } + # ``` + # + # In this case, only the `link_with` param is required in the body, which also contains the JWT obtained upon + # the secondary account's authentication. + # + # - With a token generated by the API V2 containing the `update:users` scope: + # + # ```http + # POST /api/v2/users/PRIMARY_ACCOUNT_USER_ID/identities + # Authorization: "Bearer YOUR_API_V2_TOKEN" + # { + # "provider": "SECONDARY_ACCOUNT_PROVIDER", + # "connection_id": "SECONDARY_ACCOUNT_CONNECTION_ID(OPTIONAL)", + # "user_id": "SECONDARY_ACCOUNT_USER_ID" + # } + # ``` + # + # In this case you need to send `provider` and `user_id` in the body. Optionally you can also send the + # `connection_id` param which is suitable for identifying a particular database connection for the 'auth0' + # provider. # # @param request_options [Hash] # @param params [Auth0::Users::Identities::Types::LinkUserIdentityRequestContent] @@ -84,9 +85,8 @@ def link(request_options: {}, **params) # and the secondary account. # # Unlinking the secondary account removes it from the identities array of the target user and creates a new - # standalone profile for the secondary account. To learn more, review Unlink User - # Accounts. + # standalone profile for the secondary account. To learn more, review [Unlink User + # Accounts](https://auth0.com/docs/manage-users/user-accounts/user-account-linking/unlink-user-accounts). # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/users/multifactor/client.rb b/lib/auth0/users/multifactor/client.rb index 06fce51d..79587fc0 100644 --- a/lib/auth0/users/multifactor/client.rb +++ b/lib/auth0/users/multifactor/client.rb @@ -11,8 +11,8 @@ def initialize(client:) @client = client end - # Invalidate all remembered browsers across all authentication factors for a user. + # Invalidate all remembered browsers across all [authentication + # factors](https://auth0.com/docs/multifactor-authentication) for a user. # # @param request_options [Hash] # @param params [Hash] @@ -44,8 +44,8 @@ def invalidate_remember_browser(request_options: {}, **params) raise error_class.new(response.body, code: code) end - # Remove a multifactor authentication - # configuration from a user's account. This forces the user to manually reconfigure the multi-factor provider. + # Remove a [multifactor](https://auth0.com/docs/multifactor-authentication) authentication configuration from a + # user's account. This forces the user to manually reconfigure the multi-factor provider. # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/users/organizations/client.rb b/lib/auth0/users/organizations/client.rb index b3637e76..49d31224 100644 --- a/lib/auth0/users/organizations/client.rb +++ b/lib/auth0/users/organizations/client.rb @@ -12,7 +12,7 @@ def initialize(client:) end # Retrieve list of the specified user's current Organization memberships. User must be specified by user ID. For - # more information, review Auth0 Organizations. + # more information, review [Auth0 Organizations](https://auth0.com/docs/manage-users/organizations). # # @param request_options [Hash] # @param params [Hash] diff --git a/lib/auth0/users/roles/client.rb b/lib/auth0/users/roles/client.rb index 32b238f4..c948a452 100644 --- a/lib/auth0/users/roles/client.rb +++ b/lib/auth0/users/roles/client.rb @@ -13,10 +13,9 @@ def initialize(client:) # Retrieve detailed list of all user roles currently assigned to a user. # - # Note: This action retrieves all roles assigned to a user in the context of your whole tenant. To - # retrieve Organization-specific roles, use the following endpoint: Get user roles - # assigned to an Organization member. + # **Note**: This action retrieves all roles assigned to a user in the context of your whole tenant. To retrieve + # Organization-specific roles, use the following endpoint: [Get user roles assigned to an Organization + # member](https://auth0.com/docs/api/management/v2/organizations/get-organization-member-roles). # # @param request_options [Hash] # @param params [Hash] @@ -68,14 +67,13 @@ def list(request_options: {}, **params) end end - # Assign one or more existing user roles to a user. For more information, review Role-Based Access Control. + # Assign one or more existing user roles to a user. For more information, review [Role-Based Access + # Control](https://auth0.com/docs/manage-users/access-control/rbac). # - # Note: New roles cannot be created through this action. Additionally, this action is used to assign - # roles to a user in the context of your whole tenant. To assign roles in the context of a specific - # Organization, use the following endpoint: Assign user roles - # to an Organization member. + # **Note**: New roles cannot be created through this action. Additionally, this action is used to assign roles + # to a user in the context of your whole tenant. To assign roles in the context of a specific Organization, use + # the following endpoint: [Assign user roles to an Organization + # member](https://auth0.com/docs/api/management/v2/organizations/post-organization-member-roles). # # @param request_options [Hash] # @param params [Auth0::Users::Roles::Types::AssignUserRolesRequestContent] @@ -114,10 +112,10 @@ def assign(request_options: {}, **params) # Remove one or more specified user roles assigned to a user. # - # Note: This action removes a role from a user in the context of your whole tenant. If you want to - # unassign a role from a user in the context of a specific Organization, use the following endpoint: Delete user - # roles from an Organization member. + # **Note**: This action removes a role from a user in the context of your whole tenant. If you want to unassign + # a role from a user in the context of a specific Organization, use the following endpoint: [Delete user roles + # from an Organization + # member](https://auth0.com/docs/api/management/v2/organizations/delete-organization-member-roles). # # @param request_options [Hash] # @param params [Auth0::Users::Roles::Types::DeleteUserRolesRequestContent]