/*!
 * Copyright (c) 2017-present, Okta, Inc. and/or its affiliates. All rights reserved.
 * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
 *
 * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *
 * See the License for the specific language governing permissions and limitations under the License.
 */


/**
 * Okta Admin Management
 * Allows customers to easily access the Okta Management APIs
 *
 * OpenAPI spec version: 5.1.0
 * Contact: devex-public@okta.com
 *
 * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
 * https://openapi-generator.tech
 * Do not edit the class manually.
 */
import { GrantType } from './../models/GrantType';
import { IdTokenKeyEncryptionAlgorithm } from './../models/IdTokenKeyEncryptionAlgorithm';
import { OAuthResponseType } from './../models/OAuthResponseType';
import { OpenIdConnectApplicationConsentMethod } from './../models/OpenIdConnectApplicationConsentMethod';
import { OpenIdConnectApplicationIdpInitiatedLogin } from './../models/OpenIdConnectApplicationIdpInitiatedLogin';
import { OpenIdConnectApplicationIssuerMode } from './../models/OpenIdConnectApplicationIssuerMode';
import { OpenIdConnectApplicationNetwork } from './../models/OpenIdConnectApplicationNetwork';
import { OpenIdConnectApplicationSettingsClientKeys } from './../models/OpenIdConnectApplicationSettingsClientKeys';
import { OpenIdConnectApplicationSettingsRefreshToken } from './../models/OpenIdConnectApplicationSettingsRefreshToken';
import { OpenIdConnectApplicationType } from './../models/OpenIdConnectApplicationType';
export declare class OpenIdConnectApplicationSettingsClient {
  'application_type'?: OpenIdConnectApplicationType;
  /**
    * The signing algorithm for Client-Initiated Backchannel Authentication (CIBA) signed requests using JWT. If this value isn\'t set and a JWT-signed request is sent, the request fails. > **Note:** This property appears for clients with `urn:openid:params:grant-type:ciba` defined as one of the `grant_types`.
    */
  'backchannel_authentication_request_signing_alg'?: OpenIdConnectApplicationSettingsClientBackchannelAuthenticationRequestSigningAlgEnum;
  /**
    * The ID of the custom authenticator that authenticates the user > **Note:** This property appears for clients with `urn:openid:params:grant-type:ciba` defined as one of the `grant_types`.
    */
  'backchannel_custom_authenticator_id'?: string;
  /**
    * The delivery mode for Client-Initiated Backchannel Authentication (CIBA).  Currently, only `poll` is supported. > **Note:** This property appears for clients with `urn:openid:params:grant-type:ciba` defined as one of the `grant_types`.
    */
  'backchannel_token_delivery_mode'?: OpenIdConnectApplicationSettingsClientBackchannelTokenDeliveryModeEnum;
  /**
    * URL string of a web page providing information about the client
    */
  'client_uri'?: string;
  'consent_method'?: OpenIdConnectApplicationConsentMethod;
  /**
    * Indicates that the client application uses Demonstrating Proof-of-Possession (DPoP) for token requests. If `true`, the authorization server rejects token requests from this client that don\'t contain the DPoP header. > **Note:** If `dpop_bound_access_tokens` is true, then `client_credentials` and `implicit` aren\'t allowed in `grant_types`.
    */
  'dpop_bound_access_tokens'?: boolean;
  /**
    * Determines whether Okta sends `sid` and `iss` in the logout request
    */
  'frontchannel_logout_session_required'?: boolean;
  /**
    * URL where Okta sends the logout request
    */
  'frontchannel_logout_uri'?: string;
  'grant_types': Array<GrantType>;
  'id_token_encrypted_response_alg'?: IdTokenKeyEncryptionAlgorithm;
  'idp_initiated_login'?: OpenIdConnectApplicationIdpInitiatedLogin;
  /**
    * URL string that a third party can use to initiate the sign-in flow by the client
    */
  'initiate_login_uri'?: string;
  'issuer_mode'?: OpenIdConnectApplicationIssuerMode;
  'jwks'?: OpenIdConnectApplicationSettingsClientKeys;
  /**
    * URL string that references a JSON Web Key Set for validating JWTs presented to Okta or for encrypting ID tokens minted by Okta for the client
    */
  'jwks_uri'?: string;
  /**
    * The URL string that references a logo for the client. This logo appears on the client tile in the End-User Dashboard. It also appears on the client consent dialog during the client consent flow.
    */
  'logo_uri'?: string;
  'network'?: OpenIdConnectApplicationNetwork;
  /**
    * Allows the app to participate in front-channel Single Logout  > **Note:** You can only enable `participate_slo` for `web` and `browser` application types (`application_type`).
    */
  'participate_slo'?: boolean;
  /**
    * URL string of a web page providing the client\'s policy document
    */
  'policy_uri'?: string;
  /**
    * Array of redirection URI strings for relying party-initiated logouts
    */
  'post_logout_redirect_uris'?: Array<string>;
  /**
    * Array of redirection URI strings for use in redirect-based flows. > **Note:** At least one `redirect_uris` and `response_types` are required for all client types, with exceptions: if the client uses the [Resource Owner Password ](https://tools.ietf.org/html/rfc6749#section-4.3)flow (`grant_types` contains `password`) or [Client Credentials](https://tools.ietf.org/html/rfc6749#section-4.4)flow (`grant_types` contains `client_credentials`), then no `redirect_uris` or `response_types` is necessary. In these cases, you can pass either null or an empty array for these attributes.
    */
  'redirect_uris'?: Array<string>;
  'refresh_token'?: OpenIdConnectApplicationSettingsRefreshToken;
  /**
    * The type of JSON Web Key Set (JWKS) algorithm that must be used for signing request objects
    */
  'request_object_signing_alg'?: OpenIdConnectApplicationSettingsClientRequestObjectSigningAlgEnum;
  /**
    * Array of OAuth 2.0 response type strings
    */
  'response_types'?: Array<OAuthResponseType>;
  /**
    * The sector identifier used for pairwise `subject_type`. See [OIDC Pairwise Identifier Algorithm](https://openid.net/specs/openid-connect-messages-1_0-20.html#idtype.pairwise.alg)
    */
  'sector_identifier_uri'?: string;
  /**
    * Type of the subject
    */
  'subject_type'?: OpenIdConnectApplicationSettingsClientSubjectTypeEnum;
  /**
    * URL string of a web page providing the client\'s terms of service document
    */
  'tos_uri'?: string;
  /**
    * Indicates if the client is allowed to use wildcard matching of `redirect_uris`
    */
  'wildcard_redirect'?: OpenIdConnectApplicationSettingsClientWildcardRedirectEnum;
  static readonly discriminator: string | undefined;
  static readonly attributeTypeMap: Array<{
        name: string;
        baseName: string;
        type: string;
        format: string;
    }>;
  static getAttributeTypeMap(): {
        name: string;
        baseName: string;
        type: string;
        format: string;
    }[];
  constructor();
}
export type OpenIdConnectApplicationSettingsClientBackchannelAuthenticationRequestSigningAlgEnum = 'HS256' | 'HS384' | 'HS512' | 'RS256' | 'RS384' | 'RS512' | 'ES256' | 'ES384' | 'ES512';
export type OpenIdConnectApplicationSettingsClientBackchannelTokenDeliveryModeEnum = 'poll' | 'ping' | 'push';
export type OpenIdConnectApplicationSettingsClientRequestObjectSigningAlgEnum = 'HS256' | 'HS384' | 'HS512' | 'RS256' | 'RS384' | 'RS512' | 'ES256' | 'ES384' | 'ES512';
export type OpenIdConnectApplicationSettingsClientSubjectTypeEnum = 'public' | 'pairwise';
export type OpenIdConnectApplicationSettingsClientWildcardRedirectEnum = 'DISABLED' | 'SUBDOMAIN';