/* tslint:disable */ /* eslint-disable */ /** * Ory Hydra API * Documentation for all of Ory Hydra\'s APIs. * * The version of the OpenAPI document: v2.4.0-alpha.1 * Contact: hi@ory.sh * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ import type { Configuration } from './configuration'; import type { AxiosPromise, AxiosInstance, RawAxiosRequestConfig } from 'axios'; import globalAxios from 'axios'; // Some imports not used depending on template conditions // @ts-ignore import { DUMMY_BASE_URL, assertParamExists, setApiKeyToObject, setBasicAuthToObject, setBearerAuthToObject, setOAuthToObject, setSearchParams, serializeDataIfNeeded, toPathString, createRequestFunction } from './common'; import type { RequestArgs } from './base'; // @ts-ignore import { BASE_PATH, COLLECTION_FORMATS, BaseAPI, RequiredError, operationServerMap } from './base'; /** * Contains information on an device verification * @export * @interface AcceptDeviceUserCodeRequest */ export interface AcceptDeviceUserCodeRequest { /** * * @type {string} * @memberof AcceptDeviceUserCodeRequest */ 'user_code'?: string; } /** * * @export * @interface AcceptOAuth2ConsentRequest */ export interface AcceptOAuth2ConsentRequest { /** * * @type {any} * @memberof AcceptOAuth2ConsentRequest */ 'context'?: any; /** * * @type {Array} * @memberof AcceptOAuth2ConsentRequest */ 'grant_access_token_audience'?: Array; /** * * @type {Array} * @memberof AcceptOAuth2ConsentRequest */ 'grant_scope'?: Array; /** * * @type {string} * @memberof AcceptOAuth2ConsentRequest */ 'handled_at'?: string; /** * Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same client asks the same user for the same, or a subset of, scope. * @type {boolean} * @memberof AcceptOAuth2ConsentRequest */ 'remember'?: boolean; /** * RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the authorization will be remembered indefinitely. * @type {number} * @memberof AcceptOAuth2ConsentRequest */ 'remember_for'?: number; /** * * @type {AcceptOAuth2ConsentRequestSession} * @memberof AcceptOAuth2ConsentRequest */ 'session'?: AcceptOAuth2ConsentRequestSession; } /** * * @export * @interface AcceptOAuth2ConsentRequestSession */ export interface AcceptOAuth2ConsentRequestSession { /** * AccessToken sets session data for the access and refresh token, as well as any future tokens issued by the refresh grant. Keep in mind that this data will be available to anyone performing OAuth 2.0 Challenge Introspection. If only your services can perform OAuth 2.0 Challenge Introspection, this is usually fine. But if third parties can access that endpoint as well, sensitive data from the session might be exposed to them. Use with care! * @type {any} * @memberof AcceptOAuth2ConsentRequestSession */ 'access_token'?: any; /** * IDToken sets session data for the OpenID Connect ID token. Keep in mind that the session\'id payloads are readable by anyone that has access to the ID Challenge. Use with care! * @type {any} * @memberof AcceptOAuth2ConsentRequestSession */ 'id_token'?: any; } /** * * @export * @interface AcceptOAuth2LoginRequest */ export interface AcceptOAuth2LoginRequest { /** * ACR sets the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it to express that, for example, a user authenticated using two factor authentication. * @type {string} * @memberof AcceptOAuth2LoginRequest */ 'acr'?: string; /** * * @type {Array} * @memberof AcceptOAuth2LoginRequest */ 'amr'?: Array; /** * * @type {any} * @memberof AcceptOAuth2LoginRequest */ 'context'?: any; /** * Extend OAuth2 authentication session lifespan If set to `true`, the OAuth2 authentication cookie lifespan is extended. This is for example useful if you want the user to be able to use `prompt=none` continuously. This value can only be set to `true` if the user has an authentication, which is the case if the `skip` value is `true`. * @type {boolean} * @memberof AcceptOAuth2LoginRequest */ 'extend_session_lifespan'?: boolean; /** * ForceSubjectIdentifier forces the \"pairwise\" user ID of the end-user that authenticated. The \"pairwise\" user ID refers to the (Pairwise Identifier Algorithm)[http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg] of the OpenID Connect specification. It allows you to set an obfuscated subject (\"user\") identifier that is unique to the client. Please note that this changes the user ID on endpoint /userinfo and sub claim of the ID Token. It does not change the sub claim in the OAuth 2.0 Introspection. Per default, ORY Hydra handles this value with its own algorithm. In case you want to set this yourself you can use this field. Please note that setting this field has no effect if `pairwise` is not configured in ORY Hydra or the OAuth 2.0 Client does not expect a pairwise identifier (set via `subject_type` key in the client\'s configuration). Please also be aware that ORY Hydra is unable to properly compute this value during authentication. This implies that you have to compute this value on every authentication process (probably depending on the client ID or some other unique value). If you fail to compute the proper value, then authentication processes which have id_token_hint set might fail. * @type {string} * @memberof AcceptOAuth2LoginRequest */ 'force_subject_identifier'?: string; /** * IdentityProviderSessionID is the session ID of the end-user that authenticated. If specified, we will use this value to propagate the logout. * @type {string} * @memberof AcceptOAuth2LoginRequest */ 'identity_provider_session_id'?: string; /** * Remember, if set to true, tells ORY Hydra to remember this user by telling the user agent (browser) to store a cookie with authentication data. If the same user performs another OAuth 2.0 Authorization Request, he/she will not be asked to log in again. * @type {boolean} * @memberof AcceptOAuth2LoginRequest */ 'remember'?: boolean; /** * RememberFor sets how long the authentication should be remembered for in seconds. If set to `0`, the authorization will be remembered for the duration of the browser session (using a session cookie). * @type {number} * @memberof AcceptOAuth2LoginRequest */ 'remember_for'?: number; /** * Subject is the user ID of the end-user that authenticated. * @type {string} * @memberof AcceptOAuth2LoginRequest */ 'subject': string; } /** * Create JSON Web Key Set Request Body * @export * @interface CreateJsonWebKeySet */ export interface CreateJsonWebKeySet { /** * JSON Web Key Algorithm The algorithm to be used for creating the key. Supports `RS256`, `ES256`, `ES512`, `HS512`, and `HS256`. * @type {string} * @memberof CreateJsonWebKeySet */ 'alg': string; /** * JSON Web Key ID The Key ID of the key to be created. * @type {string} * @memberof CreateJsonWebKeySet */ 'kid': string; /** * JSON Web Key Use The \"use\" (public key use) parameter identifies the intended use of the public key. The \"use\" parameter is employed to indicate whether a public key is used for encrypting data or verifying the signature on data. Valid values are \"enc\" and \"sig\". * @type {string} * @memberof CreateJsonWebKeySet */ 'use': string; } /** * * @export * @interface CreateVerifiableCredentialRequestBody */ export interface CreateVerifiableCredentialRequestBody { /** * * @type {string} * @memberof CreateVerifiableCredentialRequestBody */ 'format'?: string; /** * * @type {VerifiableCredentialProof} * @memberof CreateVerifiableCredentialRequestBody */ 'proof'?: VerifiableCredentialProof; /** * * @type {Array} * @memberof CreateVerifiableCredentialRequestBody */ 'types'?: Array; } /** * Includes information about the supported verifiable credentials. * @export * @interface CredentialSupportedDraft00 */ export interface CredentialSupportedDraft00 { /** * OpenID Connect Verifiable Credentials Cryptographic Binding Methods Supported Contains a list of cryptographic binding methods supported for signing the proof. * @type {Array} * @memberof CredentialSupportedDraft00 */ 'cryptographic_binding_methods_supported'?: Array; /** * OpenID Connect Verifiable Credentials Cryptographic Suites Supported Contains a list of cryptographic suites methods supported for signing the proof. * @type {Array} * @memberof CredentialSupportedDraft00 */ 'cryptographic_suites_supported'?: Array; /** * OpenID Connect Verifiable Credentials Format Contains the format that is supported by this authorization server. * @type {string} * @memberof CredentialSupportedDraft00 */ 'format'?: string; /** * OpenID Connect Verifiable Credentials Types Contains the types of verifiable credentials supported. * @type {Array} * @memberof CredentialSupportedDraft00 */ 'types'?: Array; } /** * # Ory\'s OAuth 2.0 Device Authorization API * @export * @interface DeviceAuthorization */ export interface DeviceAuthorization { /** * The device verification code. * @type {string} * @memberof DeviceAuthorization */ 'device_code'?: string; /** * The lifetime in seconds of the \"device_code\" and \"user_code\". * @type {number} * @memberof DeviceAuthorization */ 'expires_in'?: number; /** * The minimum amount of time in seconds that the client SHOULD wait between polling requests to the token endpoint. If no value is provided, clients MUST use 5 as the default. * @type {number} * @memberof DeviceAuthorization */ 'interval'?: number; /** * The end-user verification code. * @type {string} * @memberof DeviceAuthorization */ 'user_code'?: string; /** * The end-user verification URI on the authorization server. The URI should be short and easy to remember as end users will be asked to manually type it into their user agent. * @type {string} * @memberof DeviceAuthorization */ 'verification_uri'?: string; /** * A verification URI that includes the \"user_code\" (or other information with the same function as the \"user_code\"), which is designed for non-textual transmission. * @type {string} * @memberof DeviceAuthorization */ 'verification_uri_complete'?: string; } /** * * @export * @interface DeviceUserAuthRequest */ export interface DeviceUserAuthRequest { /** * ID is the identifier (\"device challenge\") of the device grant request. It is used to identify the session. * @type {string} * @memberof DeviceUserAuthRequest */ 'challenge': string; /** * * @type {OAuth2Client} * @memberof DeviceUserAuthRequest */ 'client'?: OAuth2Client; /** * * @type {string} * @memberof DeviceUserAuthRequest */ 'handled_at'?: string; /** * RequestURL is the original Device Authorization URL requested. * @type {string} * @memberof DeviceUserAuthRequest */ 'request_url'?: string; /** * * @type {Array} * @memberof DeviceUserAuthRequest */ 'requested_access_token_audience'?: Array; /** * * @type {Array} * @memberof DeviceUserAuthRequest */ 'requested_scope'?: Array; } /** * Error * @export * @interface ErrorOAuth2 */ export interface ErrorOAuth2 { /** * Error * @type {string} * @memberof ErrorOAuth2 */ 'error'?: string; /** * Error Debug Information Only available in dev mode. * @type {string} * @memberof ErrorOAuth2 */ 'error_debug'?: string; /** * Error Description * @type {string} * @memberof ErrorOAuth2 */ 'error_description'?: string; /** * Error Hint Helps the user identify the error cause. * @type {string} * @memberof ErrorOAuth2 */ 'error_hint'?: string; /** * HTTP Status Code * @type {number} * @memberof ErrorOAuth2 */ 'status_code'?: number; } /** * * @export * @interface GenericError */ export interface GenericError { /** * The status code * @type {number} * @memberof GenericError */ 'code'?: number; /** * Debug information This field is often not exposed to protect against leaking sensitive information. * @type {string} * @memberof GenericError */ 'debug'?: string; /** * Further error details * @type {any} * @memberof GenericError */ 'details'?: any; /** * The error ID Useful when trying to identify various errors in application logic. * @type {string} * @memberof GenericError */ 'id'?: string; /** * Error message The error\'s message. * @type {string} * @memberof GenericError */ 'message': string; /** * A human-readable reason for the error * @type {string} * @memberof GenericError */ 'reason'?: string; /** * The request ID The request ID is often exposed internally in order to trace errors across service architectures. This is often a UUID. * @type {string} * @memberof GenericError */ 'request'?: string; /** * The status description * @type {string} * @memberof GenericError */ 'status'?: string; } /** * * @export * @interface GetVersion200Response */ export interface GetVersion200Response { /** * The version of Ory Hydra. * @type {string} * @memberof GetVersion200Response */ 'version'?: string; } /** * * @export * @interface HealthNotReadyStatus */ export interface HealthNotReadyStatus { /** * Errors contains a list of errors that caused the not ready status. * @type {{ [key: string]: string; }} * @memberof HealthNotReadyStatus */ 'errors'?: { [key: string]: string; }; } /** * * @export * @interface HealthStatus */ export interface HealthStatus { /** * Status always contains \"ok\". * @type {string} * @memberof HealthStatus */ 'status'?: string; } /** * Introspection contains an access token\'s session data as specified by [IETF RFC 7662](https://tools.ietf.org/html/rfc7662) * @export * @interface IntrospectedOAuth2Token */ export interface IntrospectedOAuth2Token { /** * Active is a boolean indicator of whether or not the presented token is currently active. The specifics of a token\'s \"active\" state will vary depending on the implementation of the authorization server and the information it keeps about its tokens, but a \"true\" value return for the \"active\" property will generally indicate that a given token has been issued by this authorization server, has not been revoked by the resource owner, and is within its given time window of validity (e.g., after its issuance time and before its expiration time). * @type {boolean} * @memberof IntrospectedOAuth2Token */ 'active': boolean; /** * Audience contains a list of the token\'s intended audiences. * @type {Array} * @memberof IntrospectedOAuth2Token */ 'aud'?: Array; /** * ID is aclient identifier for the OAuth 2.0 client that requested this token. * @type {string} * @memberof IntrospectedOAuth2Token */ 'client_id'?: string; /** * Expires at is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token will expire. * @type {number} * @memberof IntrospectedOAuth2Token */ 'exp'?: number; /** * Extra is arbitrary data set by the session. * @type {{ [key: string]: any; }} * @memberof IntrospectedOAuth2Token */ 'ext'?: { [key: string]: any; }; /** * Issued at is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token was originally issued. * @type {number} * @memberof IntrospectedOAuth2Token */ 'iat'?: number; /** * IssuerURL is a string representing the issuer of this token * @type {string} * @memberof IntrospectedOAuth2Token */ 'iss'?: string; /** * NotBefore is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token is not to be used before. * @type {number} * @memberof IntrospectedOAuth2Token */ 'nbf'?: number; /** * ObfuscatedSubject is set when the subject identifier algorithm was set to \"pairwise\" during authorization. It is the `sub` value of the ID Token that was issued. * @type {string} * @memberof IntrospectedOAuth2Token */ 'obfuscated_subject'?: string; /** * Scope is a JSON string containing a space-separated list of scopes associated with this token. * @type {string} * @memberof IntrospectedOAuth2Token */ 'scope'?: string; /** * Subject of the token, as defined in JWT [RFC7519]. Usually a machine-readable identifier of the resource owner who authorized this token. * @type {string} * @memberof IntrospectedOAuth2Token */ 'sub'?: string; /** * TokenType is the introspected token\'s type, typically `Bearer`. * @type {string} * @memberof IntrospectedOAuth2Token */ 'token_type'?: string; /** * TokenUse is the introspected token\'s use, for example `access_token` or `refresh_token`. * @type {string} * @memberof IntrospectedOAuth2Token */ 'token_use'?: string; /** * Username is a human-readable identifier for the resource owner who authorized this token. * @type {string} * @memberof IntrospectedOAuth2Token */ 'username'?: string; } /** * * @export * @interface IsReady200Response */ export interface IsReady200Response { /** * Always \"ok\". * @type {string} * @memberof IsReady200Response */ 'status'?: string; } /** * * @export * @interface IsReady503Response */ export interface IsReady503Response { /** * Errors contains a list of errors that caused the not ready status. * @type {{ [key: string]: string; }} * @memberof IsReady503Response */ 'errors'?: { [key: string]: string; }; } /** * A JSONPatch document as defined by RFC 6902 * @export * @interface JsonPatch */ export interface JsonPatch { /** * This field is used together with operation \"move\" and uses JSON Pointer notation. Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). * @type {string} * @memberof JsonPatch */ 'from'?: string; /** * The operation to be performed. One of \"add\", \"remove\", \"replace\", \"move\", \"copy\", or \"test\". * @type {string} * @memberof JsonPatch */ 'op': string; /** * The path to the target path. Uses JSON pointer notation. Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). * @type {string} * @memberof JsonPatch */ 'path': string; /** * The value to be used within the operations. Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). * @type {any} * @memberof JsonPatch */ 'value'?: any; } /** * * @export * @interface JsonWebKey */ export interface JsonWebKey { /** * The \"alg\" (algorithm) parameter identifies the algorithm intended for use with the key. The values used should either be registered in the IANA \"JSON Web Signature and Encryption Algorithms\" registry established by [JWA] or be a value that contains a Collision- Resistant Name. * @type {string} * @memberof JsonWebKey */ 'alg': string; /** * * @type {string} * @memberof JsonWebKey */ 'crv'?: string; /** * * @type {string} * @memberof JsonWebKey */ 'd'?: string; /** * * @type {string} * @memberof JsonWebKey */ 'dp'?: string; /** * * @type {string} * @memberof JsonWebKey */ 'dq'?: string; /** * * @type {string} * @memberof JsonWebKey */ 'e'?: string; /** * * @type {string} * @memberof JsonWebKey */ 'k'?: string; /** * The \"kid\" (key ID) parameter is used to match a specific key. This is used, for instance, to choose among a set of keys within a JWK Set during key rollover. The structure of the \"kid\" value is unspecified. When \"kid\" values are used within a JWK Set, different keys within the JWK Set SHOULD use distinct \"kid\" values. (One example in which different keys might use the same \"kid\" value is if they have different \"kty\" (key type) values but are considered to be equivalent alternatives by the application using them.) The \"kid\" value is a case-sensitive string. * @type {string} * @memberof JsonWebKey */ 'kid': string; /** * The \"kty\" (key type) parameter identifies the cryptographic algorithm family used with the key, such as \"RSA\" or \"EC\". \"kty\" values should either be registered in the IANA \"JSON Web Key Types\" registry established by [JWA] or be a value that contains a Collision- Resistant Name. The \"kty\" value is a case-sensitive string. * @type {string} * @memberof JsonWebKey */ 'kty': string; /** * * @type {string} * @memberof JsonWebKey */ 'n'?: string; /** * * @type {string} * @memberof JsonWebKey */ 'p'?: string; /** * * @type {string} * @memberof JsonWebKey */ 'q'?: string; /** * * @type {string} * @memberof JsonWebKey */ 'qi'?: string; /** * Use (\"public key use\") identifies the intended use of the public key. The \"use\" parameter is employed to indicate whether a public key is used for encrypting data or verifying the signature on data. Values are commonly \"sig\" (signature) or \"enc\" (encryption). * @type {string} * @memberof JsonWebKey */ 'use': string; /** * * @type {string} * @memberof JsonWebKey */ 'x'?: string; /** * The \"x5c\" (X.509 certificate chain) parameter contains a chain of one or more PKIX certificates [RFC5280]. The certificate chain is represented as a JSON array of certificate value strings. Each string in the array is a base64-encoded (Section 4 of [RFC4648] -- not base64url-encoded) DER [ITU.X690.1994] PKIX certificate value. The PKIX certificate containing the key value MUST be the first certificate. * @type {Array} * @memberof JsonWebKey */ 'x5c'?: Array; /** * * @type {string} * @memberof JsonWebKey */ 'y'?: string; } /** * JSON Web Key Set * @export * @interface JsonWebKeySet */ export interface JsonWebKeySet { /** * List of JSON Web Keys The value of the \"keys\" parameter is an array of JSON Web Key (JWK) values. By default, the order of the JWK values within the array does not imply an order of preference among them, although applications of JWK Sets can choose to assign a meaning to the order for their purposes, if desired. * @type {Array} * @memberof JsonWebKeySet */ 'keys'?: Array; } /** * OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @export * @interface OAuth2Client */ export interface OAuth2Client { /** * OAuth 2.0 Access Token Strategy AccessTokenStrategy is the strategy used to generate access tokens. Valid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens Setting the stragegy here overrides the global setting in `strategies.access_token`. * @type {string} * @memberof OAuth2Client */ 'access_token_strategy'?: string; /** * * @type {Array} * @memberof OAuth2Client */ 'allowed_cors_origins'?: Array; /** * * @type {Array} * @memberof OAuth2Client */ 'audience'?: Array; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'authorization_code_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'authorization_code_grant_id_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'authorization_code_grant_refresh_token_lifespan'?: string; /** * OpenID Connect Back-Channel Logout Session Required Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout Token to identify the RP session with the OP when the backchannel_logout_uri is used. If omitted, the default value is false. * @type {boolean} * @memberof OAuth2Client */ 'backchannel_logout_session_required'?: boolean; /** * OpenID Connect Back-Channel Logout URI RP URL that will cause the RP to log itself out when sent a Logout Token by the OP. * @type {string} * @memberof OAuth2Client */ 'backchannel_logout_uri'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'client_credentials_grant_access_token_lifespan'?: string; /** * OAuth 2.0 Client ID The ID is immutable. If no ID is provided, a UUID4 will be generated. * @type {string} * @memberof OAuth2Client */ 'client_id'?: string; /** * OAuth 2.0 Client Name The human-readable name of the client to be presented to the end-user during authorization. * @type {string} * @memberof OAuth2Client */ 'client_name'?: string; /** * OAuth 2.0 Client Secret The secret will be included in the create request as cleartext, and then never again. The secret is kept in hashed format and is not recoverable once lost. * @type {string} * @memberof OAuth2Client */ 'client_secret'?: string; /** * OAuth 2.0 Client Secret Expires At The field is currently not supported and its value is always 0. * @type {number} * @memberof OAuth2Client */ 'client_secret_expires_at'?: number; /** * OAuth 2.0 Client URI ClientURI is a URL string of a web page providing information about the client. If present, the server SHOULD display this URL to the end-user in a clickable fashion. * @type {string} * @memberof OAuth2Client */ 'client_uri'?: string; /** * * @type {Array} * @memberof OAuth2Client */ 'contacts'?: Array; /** * OAuth 2.0 Client Creation Date CreatedAt returns the timestamp of the client\'s creation. * @type {string} * @memberof OAuth2Client */ 'created_at'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'device_authorization_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'device_authorization_grant_id_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'device_authorization_grant_refresh_token_lifespan'?: string; /** * OpenID Connect Front-Channel Logout Session Required Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query parameters be included to identify the RP session with the OP when the frontchannel_logout_uri is used. If omitted, the default value is false. * @type {boolean} * @memberof OAuth2Client */ 'frontchannel_logout_session_required'?: boolean; /** * OpenID Connect Front-Channel Logout URI RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. An iss (issuer) query parameter and a sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the request and to determine which of the potentially multiple sessions is to be logged out; if either is included, both MUST be. * @type {string} * @memberof OAuth2Client */ 'frontchannel_logout_uri'?: string; /** * * @type {Array} * @memberof OAuth2Client */ 'grant_types'?: Array; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'implicit_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'implicit_grant_id_token_lifespan'?: string; /** * OAuth 2.0 Client JSON Web Key Set Client\'s JSON Web Key Set [JWK] document, passed by value. The semantics of the jwks parameter are the same as the jwks_uri parameter, other than that the JWK Set is passed by value, rather than by reference. This parameter is intended only to be used by Clients that, for some reason, are unable to use the jwks_uri parameter, for instance, by native applications that might not have a location to host the contents of the JWK Set. If a Client can use jwks_uri, it MUST NOT use jwks. One significant downside of jwks is that it does not enable key rotation (which jwks_uri does, as described in Section 10 of OpenID Connect Core 1.0 [OpenID.Core]). The jwks_uri and jwks parameters MUST NOT be used together. * @type {any} * @memberof OAuth2Client */ 'jwks'?: any; /** * OAuth 2.0 Client JSON Web Key Set URL URL for the Client\'s JSON Web Key Set [JWK] document. If the Client signs requests to the Server, it contains the signing key(s) the Server uses to validate signatures from the Client. The JWK Set MAY also contain the Client\'s encryption keys(s), which are used by the Server to encrypt responses to the Client. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key\'s intended usage. Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. * @type {string} * @memberof OAuth2Client */ 'jwks_uri'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'jwt_bearer_grant_access_token_lifespan'?: string; /** * OAuth 2.0 Client Logo URI A URL string referencing the client\'s logo. * @type {string} * @memberof OAuth2Client */ 'logo_uri'?: string; /** * * @type {any} * @memberof OAuth2Client */ 'metadata'?: any; /** * OAuth 2.0 Client Owner Owner is a string identifying the owner of the OAuth 2.0 Client. * @type {string} * @memberof OAuth2Client */ 'owner'?: string; /** * OAuth 2.0 Client Policy URI PolicyURI is a URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data. * @type {string} * @memberof OAuth2Client */ 'policy_uri'?: string; /** * * @type {Array} * @memberof OAuth2Client */ 'post_logout_redirect_uris'?: Array; /** * * @type {Array} * @memberof OAuth2Client */ 'redirect_uris'?: Array; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'refresh_token_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'refresh_token_grant_id_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2Client */ 'refresh_token_grant_refresh_token_lifespan'?: string; /** * OpenID Connect Dynamic Client Registration Access Token RegistrationAccessToken can be used to update, get, or delete the OAuth2 Client. It is sent when creating a client using Dynamic Client Registration. * @type {string} * @memberof OAuth2Client */ 'registration_access_token'?: string; /** * OpenID Connect Dynamic Client Registration URL RegistrationClientURI is the URL used to update, get, or delete the OAuth2 Client. * @type {string} * @memberof OAuth2Client */ 'registration_client_uri'?: string; /** * OpenID Connect Request Object Signing Algorithm JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. All Request Objects from this Client MUST be rejected, if not signed with this algorithm. * @type {string} * @memberof OAuth2Client */ 'request_object_signing_alg'?: string; /** * * @type {Array} * @memberof OAuth2Client */ 'request_uris'?: Array; /** * * @type {Array} * @memberof OAuth2Client */ 'response_types'?: Array; /** * OAuth 2.0 Client Scope Scope is a string containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens. * @type {string} * @memberof OAuth2Client */ 'scope'?: string; /** * OpenID Connect Sector Identifier URI URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values. * @type {string} * @memberof OAuth2Client */ 'sector_identifier_uri'?: string; /** * SkipConsent skips the consent screen for this client. This field can only be set from the admin API. * @type {boolean} * @memberof OAuth2Client */ 'skip_consent'?: boolean; /** * SkipLogoutConsent skips the logout consent screen for this client. This field can only be set from the admin API. * @type {boolean} * @memberof OAuth2Client */ 'skip_logout_consent'?: boolean; /** * OpenID Connect Subject Type The `subject_types_supported` Discovery parameter contains a list of the supported subject_type values for this server. Valid types include `pairwise` and `public`. * @type {string} * @memberof OAuth2Client */ 'subject_type'?: string; /** * OAuth 2.0 Token Endpoint Authentication Method Requested Client Authentication method for the Token Endpoint. The options are: `client_secret_basic`: (default) Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` encoded in the HTTP Authorization header. `client_secret_post`: Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` in the HTTP body. `private_key_jwt`: Use JSON Web Tokens to authenticate the client. `none`: Used for public clients (native apps, mobile apps) which can not have secrets. * @type {string} * @memberof OAuth2Client */ 'token_endpoint_auth_method'?: string; /** * OAuth 2.0 Token Endpoint Signing Algorithm Requested Client Authentication signing algorithm for the Token Endpoint. * @type {string} * @memberof OAuth2Client */ 'token_endpoint_auth_signing_alg'?: string; /** * OAuth 2.0 Client Terms of Service URI A URL string pointing to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client. * @type {string} * @memberof OAuth2Client */ 'tos_uri'?: string; /** * OAuth 2.0 Client Last Update Date UpdatedAt returns the timestamp of the last update. * @type {string} * @memberof OAuth2Client */ 'updated_at'?: string; /** * OpenID Connect Request Userinfo Signed Response Algorithm JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. If this is specified, the response will be JWT [JWT] serialized, and signed using JWS. The default, if omitted, is for the UserInfo Response to return the Claims as a UTF-8 encoded JSON object using the application/json content-type. * @type {string} * @memberof OAuth2Client */ 'userinfo_signed_response_alg'?: string; } /** * Lifespans of different token types issued for this OAuth 2.0 Client. * @export * @interface OAuth2ClientTokenLifespans */ export interface OAuth2ClientTokenLifespans { /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'authorization_code_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'authorization_code_grant_id_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'authorization_code_grant_refresh_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'client_credentials_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'device_authorization_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'device_authorization_grant_id_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'device_authorization_grant_refresh_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'implicit_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'implicit_grant_id_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'jwt_bearer_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'refresh_token_grant_access_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'refresh_token_grant_id_token_lifespan'?: string; /** * Specify a time duration in milliseconds, seconds, minutes, hours. * @type {string} * @memberof OAuth2ClientTokenLifespans */ 'refresh_token_grant_refresh_token_lifespan'?: string; } /** * * @export * @interface OAuth2ConsentRequest */ export interface OAuth2ConsentRequest { /** * ACR represents the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it to express that, for example, a user authenticated using two factor authentication. * @type {string} * @memberof OAuth2ConsentRequest */ 'acr'?: string; /** * * @type {Array} * @memberof OAuth2ConsentRequest */ 'amr'?: Array; /** * ID is the identifier (\"authorization challenge\") of the consent authorization request. It is used to identify the session. * @type {string} * @memberof OAuth2ConsentRequest */ 'challenge': string; /** * * @type {OAuth2Client} * @memberof OAuth2ConsentRequest */ 'client'?: OAuth2Client; /** * * @type {any} * @memberof OAuth2ConsentRequest */ 'context'?: any; /** * DeviceChallenge is the device challenge this consent challenge belongs to, if this flow was initiated by a device. * @type {string} * @memberof OAuth2ConsentRequest */ 'device_challenge_id'?: string; /** * LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate a login and consent request in the login & consent app. * @type {string} * @memberof OAuth2ConsentRequest */ 'login_challenge'?: string; /** * LoginSessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) this will be a new random value. This value is used as the \"sid\" parameter in the ID Token and in OIDC Front-/Back- channel logout. It\'s value can generally be used to associate consecutive login requests by a certain user. * @type {string} * @memberof OAuth2ConsentRequest */ 'login_session_id'?: string; /** * * @type {OAuth2ConsentRequestOpenIDConnectContext} * @memberof OAuth2ConsentRequest */ 'oidc_context'?: OAuth2ConsentRequestOpenIDConnectContext; /** * RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but might come in handy if you want to deal with additional request parameters. * @type {string} * @memberof OAuth2ConsentRequest */ 'request_url'?: string; /** * * @type {Array} * @memberof OAuth2ConsentRequest */ 'requested_access_token_audience'?: Array; /** * * @type {Array} * @memberof OAuth2ConsentRequest */ 'requested_scope'?: Array; /** * Skip, if true, implies that the client has requested the same scopes from the same user previously. If true, you must not ask the user to grant the requested scopes. You must however either allow or deny the consent request using the usual API call. * @type {boolean} * @memberof OAuth2ConsentRequest */ 'skip'?: boolean; /** * Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope requested by the OAuth 2.0 client. * @type {string} * @memberof OAuth2ConsentRequest */ 'subject'?: string; } /** * * @export * @interface OAuth2ConsentRequestOpenIDConnectContext */ export interface OAuth2ConsentRequestOpenIDConnectContext { /** * ACRValues is the Authentication AuthorizationContext Class Reference requested in the OAuth 2.0 Authorization request. It is a parameter defined by OpenID Connect and expresses which level of authentication (e.g. 2FA) is required. OpenID Connect defines it as follows: > Requested Authentication AuthorizationContext Class Reference values. Space-separated string that specifies the acr values that the Authorization Server is being requested to use for processing this Authentication Request, with the values appearing in order of preference. The Authentication AuthorizationContext Class satisfied by the authentication performed is returned as the acr Claim Value, as specified in Section 2. The acr Claim is requested as a Voluntary Claim by this parameter. * @type {Array} * @memberof OAuth2ConsentRequestOpenIDConnectContext */ 'acr_values'?: Array; /** * Display is a string value that specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. The defined values are: page: The Authorization Server SHOULD display the authentication and consent UI consistent with a full User Agent page view. If the display parameter is not specified, this is the default display mode. popup: The Authorization Server SHOULD display the authentication and consent UI consistent with a popup User Agent window. The popup User Agent window should be of an appropriate size for a login-focused dialog and should not obscure the entire window that it is popping up over. touch: The Authorization Server SHOULD display the authentication and consent UI consistent with a device that leverages a touch interface. wap: The Authorization Server SHOULD display the authentication and consent UI consistent with a \"feature phone\" type display. The Authorization Server MAY also attempt to detect the capabilities of the User Agent and present an appropriate display. * @type {string} * @memberof OAuth2ConsentRequestOpenIDConnectContext */ 'display'?: string; /** * IDTokenHintClaims are the claims of the ID Token previously issued by the Authorization Server being passed as a hint about the End-User\'s current or past authenticated session with the Client. * @type {{ [key: string]: any; }} * @memberof OAuth2ConsentRequestOpenIDConnectContext */ 'id_token_hint_claims'?: { [key: string]: any; }; /** * LoginHint hints about the login identifier the End-User might use to log in (if necessary). This hint can be used by an RP if it first asks the End-User for their e-mail address (or other identifier) and then wants to pass that value as a hint to the discovered authorization service. This value MAY also be a phone number in the format specified for the phone_number Claim. The use of this parameter is optional. * @type {string} * @memberof OAuth2ConsentRequestOpenIDConnectContext */ 'login_hint'?: string; /** * UILocales is the End-User\'id preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For instance, the value \"fr-CA fr en\" represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation). An error SHOULD NOT result if some or all of the requested locales are not supported by the OpenID Provider. * @type {Array} * @memberof OAuth2ConsentRequestOpenIDConnectContext */ 'ui_locales'?: Array; } /** * A completed OAuth 2.0 Consent Session. * @export * @interface OAuth2ConsentSession */ export interface OAuth2ConsentSession { /** * * @type {OAuth2ConsentRequest} * @memberof OAuth2ConsentSession */ 'consent_request'?: OAuth2ConsentRequest; /** * * @type {any} * @memberof OAuth2ConsentSession */ 'context'?: any; /** * * @type {OAuth2ConsentSessionExpiresAt} * @memberof OAuth2ConsentSession */ 'expires_at'?: OAuth2ConsentSessionExpiresAt; /** * * @type {Array} * @memberof OAuth2ConsentSession */ 'grant_access_token_audience'?: Array; /** * * @type {Array} * @memberof OAuth2ConsentSession */ 'grant_scope'?: Array; /** * * @type {string} * @memberof OAuth2ConsentSession */ 'handled_at'?: string; /** * Remember Consent Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same client asks the same user for the same, or a subset of, scope. * @type {boolean} * @memberof OAuth2ConsentSession */ 'remember'?: boolean; /** * Remember Consent For RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the authorization will be remembered indefinitely. * @type {number} * @memberof OAuth2ConsentSession */ 'remember_for'?: number; /** * * @type {AcceptOAuth2ConsentRequestSession} * @memberof OAuth2ConsentSession */ 'session'?: AcceptOAuth2ConsentRequestSession; } /** * * @export * @interface OAuth2ConsentSessionExpiresAt */ export interface OAuth2ConsentSessionExpiresAt { /** * * @type {string} * @memberof OAuth2ConsentSessionExpiresAt */ 'access_token'?: string; /** * * @type {string} * @memberof OAuth2ConsentSessionExpiresAt */ 'authorize_code'?: string; /** * * @type {string} * @memberof OAuth2ConsentSessionExpiresAt */ 'id_token'?: string; /** * * @type {string} * @memberof OAuth2ConsentSessionExpiresAt */ 'par_context'?: string; /** * * @type {string} * @memberof OAuth2ConsentSessionExpiresAt */ 'refresh_token'?: string; } /** * * @export * @interface OAuth2LoginRequest */ export interface OAuth2LoginRequest { /** * ID is the identifier (\"login challenge\") of the login request. It is used to identify the session. * @type {string} * @memberof OAuth2LoginRequest */ 'challenge': string; /** * * @type {OAuth2Client} * @memberof OAuth2LoginRequest */ 'client': OAuth2Client; /** * * @type {OAuth2ConsentRequestOpenIDConnectContext} * @memberof OAuth2LoginRequest */ 'oidc_context'?: OAuth2ConsentRequestOpenIDConnectContext; /** * RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but might come in handy if you want to deal with additional request parameters. * @type {string} * @memberof OAuth2LoginRequest */ 'request_url': string; /** * * @type {Array} * @memberof OAuth2LoginRequest */ 'requested_access_token_audience'?: Array; /** * * @type {Array} * @memberof OAuth2LoginRequest */ 'requested_scope'?: Array; /** * SessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) this will be a new random value. This value is used as the \"sid\" parameter in the ID Token and in OIDC Front-/Back- channel logout. It\'s value can generally be used to associate consecutive login requests by a certain user. * @type {string} * @memberof OAuth2LoginRequest */ 'session_id'?: string; /** * Skip, if true, implies that the client has requested the same scopes from the same user previously. If true, you can skip asking the user to grant the requested scopes, and simply forward the user to the redirect URL. This feature allows you to update / set session information. * @type {boolean} * @memberof OAuth2LoginRequest */ 'skip': boolean; /** * Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope requested by the OAuth 2.0 client. If this value is set and `skip` is true, you MUST include this subject type when accepting the login request, or the request will fail. * @type {string} * @memberof OAuth2LoginRequest */ 'subject': string; } /** * * @export * @interface OAuth2LogoutRequest */ export interface OAuth2LogoutRequest { /** * Challenge is the identifier (\"logout challenge\") of the logout authentication request. It is used to identify the session. * @type {string} * @memberof OAuth2LogoutRequest */ 'challenge'?: string; /** * * @type {OAuth2Client} * @memberof OAuth2LogoutRequest */ 'client'?: OAuth2Client; /** * * @type {string} * @memberof OAuth2LogoutRequest */ 'expires_at'?: string; /** * RequestURL is the original Logout URL requested. * @type {string} * @memberof OAuth2LogoutRequest */ 'request_url'?: string; /** * * @type {string} * @memberof OAuth2LogoutRequest */ 'requested_at'?: string; /** * RPInitiated is set to true if the request was initiated by a Relying Party (RP), also known as an OAuth 2.0 Client. * @type {boolean} * @memberof OAuth2LogoutRequest */ 'rp_initiated'?: boolean; /** * SessionID is the login session ID that was requested to log out. * @type {string} * @memberof OAuth2LogoutRequest */ 'sid'?: string; /** * Subject is the user for whom the logout was request. * @type {string} * @memberof OAuth2LogoutRequest */ 'subject'?: string; } /** * Contains a redirect URL used to complete a login, consent, or logout request. * @export * @interface OAuth2RedirectTo */ export interface OAuth2RedirectTo { /** * RedirectURL is the URL which you should redirect the user\'s browser to once the authentication process is completed. * @type {string} * @memberof OAuth2RedirectTo */ 'redirect_to': string; } /** * OAuth2 Token Exchange Result * @export * @interface OAuth2TokenExchange */ export interface OAuth2TokenExchange { /** * The access token issued by the authorization server. * @type {string} * @memberof OAuth2TokenExchange */ 'access_token'?: string; /** * The lifetime in seconds of the access token. For example, the value \"3600\" denotes that the access token will expire in one hour from the time the response was generated. * @type {number} * @memberof OAuth2TokenExchange */ 'expires_in'?: number; /** * To retrieve a refresh token request the id_token scope. * @type {string} * @memberof OAuth2TokenExchange */ 'id_token'?: string; /** * The refresh token, which can be used to obtain new access tokens. To retrieve it add the scope \"offline\" to your access token request. * @type {string} * @memberof OAuth2TokenExchange */ 'refresh_token'?: string; /** * The scope of the access token * @type {string} * @memberof OAuth2TokenExchange */ 'scope'?: string; /** * The type of the token issued * @type {string} * @memberof OAuth2TokenExchange */ 'token_type'?: string; } /** * Includes links to several endpoints (for example `/oauth2/token`) and exposes information on supported signature algorithms among others. * @export * @interface OidcConfiguration */ export interface OidcConfiguration { /** * OAuth 2.0 Authorization Endpoint URL * @type {string} * @memberof OidcConfiguration */ 'authorization_endpoint': string; /** * OpenID Connect Back-Channel Logout Session Required Boolean value specifying whether the OP can pass a sid (session ID) Claim in the Logout Token to identify the RP session with the OP. If supported, the sid Claim is also included in ID Tokens issued by the OP * @type {boolean} * @memberof OidcConfiguration */ 'backchannel_logout_session_supported'?: boolean; /** * OpenID Connect Back-Channel Logout Supported Boolean value specifying whether the OP supports back-channel logout, with true indicating support. * @type {boolean} * @memberof OidcConfiguration */ 'backchannel_logout_supported'?: boolean; /** * OpenID Connect Claims Parameter Parameter Supported Boolean value specifying whether the OP supports use of the claims parameter, with true indicating support. * @type {boolean} * @memberof OidcConfiguration */ 'claims_parameter_supported'?: boolean; /** * OpenID Connect Supported Claims JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list. * @type {Array} * @memberof OidcConfiguration */ 'claims_supported'?: Array; /** * OAuth 2.0 PKCE Supported Code Challenge Methods JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported by this authorization server. * @type {Array} * @memberof OidcConfiguration */ 'code_challenge_methods_supported'?: Array; /** * OpenID Connect Verifiable Credentials Endpoint Contains the URL of the Verifiable Credentials Endpoint. * @type {string} * @memberof OidcConfiguration */ 'credentials_endpoint_draft_00'?: string; /** * OpenID Connect Verifiable Credentials Supported JSON array containing a list of the Verifiable Credentials supported by this authorization server. * @type {Array} * @memberof OidcConfiguration */ 'credentials_supported_draft_00'?: Array; /** * OAuth 2.0 Device Authorization Endpoint URL * @type {string} * @memberof OidcConfiguration */ 'device_authorization_endpoint': string; /** * OpenID Connect End-Session Endpoint URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP. * @type {string} * @memberof OidcConfiguration */ 'end_session_endpoint'?: string; /** * OpenID Connect Front-Channel Logout Session Required Boolean value specifying whether the OP can pass iss (issuer) and sid (session ID) query parameters to identify the RP session with the OP when the frontchannel_logout_uri is used. If supported, the sid Claim is also included in ID Tokens issued by the OP. * @type {boolean} * @memberof OidcConfiguration */ 'frontchannel_logout_session_supported'?: boolean; /** * OpenID Connect Front-Channel Logout Supported Boolean value specifying whether the OP supports HTTP-based logout, with true indicating support. * @type {boolean} * @memberof OidcConfiguration */ 'frontchannel_logout_supported'?: boolean; /** * OAuth 2.0 Supported Grant Types JSON array containing a list of the OAuth 2.0 Grant Type values that this OP supports. * @type {Array} * @memberof OidcConfiguration */ 'grant_types_supported'?: Array; /** * OpenID Connect Default ID Token Signing Algorithms Algorithm used to sign OpenID Connect ID Tokens. * @type {Array} * @memberof OidcConfiguration */ 'id_token_signed_response_alg': Array; /** * OpenID Connect Supported ID Token Signing Algorithms JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT. * @type {Array} * @memberof OidcConfiguration */ 'id_token_signing_alg_values_supported': Array; /** * OpenID Connect Issuer URL An URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL Identifier. If IssuerURL discovery is supported , this value MUST be identical to the issuer value returned by WebFinger. This also MUST be identical to the iss Claim value in ID Tokens issued from this IssuerURL. * @type {string} * @memberof OidcConfiguration */ 'issuer': string; /** * OpenID Connect Well-Known JSON Web Keys URL URL of the OP\'s JSON Web Key Set [JWK] document. This contains the signing key(s) the RP uses to validate signatures from the OP. The JWK Set MAY also contain the Server\'s encryption key(s), which are used by RPs to encrypt requests to the Server. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key\'s intended usage. Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. * @type {string} * @memberof OidcConfiguration */ 'jwks_uri': string; /** * OpenID Connect Dynamic Client Registration Endpoint URL * @type {string} * @memberof OidcConfiguration */ 'registration_endpoint'?: string; /** * OpenID Connect Supported Request Object Signing Algorithms JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects, which are described in Section 6.1 of OpenID Connect Core 1.0 [OpenID.Core]. These algorithms are used both when the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter). * @type {Array} * @memberof OidcConfiguration */ 'request_object_signing_alg_values_supported'?: Array; /** * OpenID Connect Request Parameter Supported Boolean value specifying whether the OP supports use of the request parameter, with true indicating support. * @type {boolean} * @memberof OidcConfiguration */ 'request_parameter_supported'?: boolean; /** * OpenID Connect Request URI Parameter Supported Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support. * @type {boolean} * @memberof OidcConfiguration */ 'request_uri_parameter_supported'?: boolean; /** * OpenID Connect Requires Request URI Registration Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter. * @type {boolean} * @memberof OidcConfiguration */ 'require_request_uri_registration'?: boolean; /** * OAuth 2.0 Supported Response Modes JSON array containing a list of the OAuth 2.0 response_mode values that this OP supports. * @type {Array} * @memberof OidcConfiguration */ 'response_modes_supported'?: Array; /** * OAuth 2.0 Supported Response Types JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values. * @type {Array} * @memberof OidcConfiguration */ 'response_types_supported': Array; /** * OAuth 2.0 Token Revocation URL URL of the authorization server\'s OAuth 2.0 revocation endpoint. * @type {string} * @memberof OidcConfiguration */ 'revocation_endpoint'?: string; /** * OAuth 2.0 Supported Scope Values JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server supports. The server MUST support the openid scope value. Servers MAY choose not to advertise some supported scope values even when this parameter is used * @type {Array} * @memberof OidcConfiguration */ 'scopes_supported'?: Array; /** * OpenID Connect Supported Subject Types JSON array containing a list of the Subject Identifier types that this OP supports. Valid types include pairwise and public. * @type {Array} * @memberof OidcConfiguration */ 'subject_types_supported': Array; /** * OAuth 2.0 Token Endpoint URL * @type {string} * @memberof OidcConfiguration */ 'token_endpoint': string; /** * OAuth 2.0 Supported Client Authentication Methods JSON array containing a list of Client Authentication methods supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 9 of OpenID Connect Core 1.0 * @type {Array} * @memberof OidcConfiguration */ 'token_endpoint_auth_methods_supported'?: Array; /** * OpenID Connect Userinfo URL URL of the OP\'s UserInfo Endpoint. * @type {string} * @memberof OidcConfiguration */ 'userinfo_endpoint'?: string; /** * OpenID Connect User Userinfo Signing Algorithm Algorithm used to sign OpenID Connect Userinfo Responses. * @type {Array} * @memberof OidcConfiguration */ 'userinfo_signed_response_alg': Array; /** * OpenID Connect Supported Userinfo Signing Algorithm JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. * @type {Array} * @memberof OidcConfiguration */ 'userinfo_signing_alg_values_supported'?: Array; } /** * OpenID Connect Userinfo * @export * @interface OidcUserInfo */ export interface OidcUserInfo { /** * End-User\'s birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. Note that depending on the underlying platform\'s date related function, providing just year can result in varying month and day, so the implementers need to take this factor into account to correctly process the dates. * @type {string} * @memberof OidcUserInfo */ 'birthdate'?: string; /** * End-User\'s preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. The RP MUST NOT rely upon this value being unique, as discussed in Section 5.7. * @type {string} * @memberof OidcUserInfo */ 'email'?: string; /** * True if the End-User\'s e-mail address has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this e-mail address was controlled by the End-User at the time the verification was performed. The means by which an e-mail address is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. * @type {boolean} * @memberof OidcUserInfo */ 'email_verified'?: boolean; /** * Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters. * @type {string} * @memberof OidcUserInfo */ 'family_name'?: string; /** * End-User\'s gender. Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable. * @type {string} * @memberof OidcUserInfo */ 'gender'?: string; /** * Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters. * @type {string} * @memberof OidcUserInfo */ 'given_name'?: string; /** * End-User\'s locale, represented as a BCP47 [RFC5646] language tag. This is typically an ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1 Alpha-2 [ISO3166‑1] country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well. * @type {string} * @memberof OidcUserInfo */ 'locale'?: string; /** * Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used. * @type {string} * @memberof OidcUserInfo */ 'middle_name'?: string; /** * End-User\'s full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User\'s locale and preferences. * @type {string} * @memberof OidcUserInfo */ 'name'?: string; /** * Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael. * @type {string} * @memberof OidcUserInfo */ 'nickname'?: string; /** * End-User\'s preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234;ext=5678. * @type {string} * @memberof OidcUserInfo */ 'phone_number'?: string; /** * True if the End-User\'s phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format. * @type {boolean} * @memberof OidcUserInfo */ 'phone_number_verified'?: boolean; /** * URL of the End-User\'s profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User. * @type {string} * @memberof OidcUserInfo */ 'picture'?: string; /** * Non-unique shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace. * @type {string} * @memberof OidcUserInfo */ 'preferred_username'?: string; /** * URL of the End-User\'s profile page. The contents of this Web page SHOULD be about the End-User. * @type {string} * @memberof OidcUserInfo */ 'profile'?: string; /** * Subject - Identifier for the End-User at the IssuerURL. * @type {string} * @memberof OidcUserInfo */ 'sub'?: string; /** * Time the End-User\'s information was last updated. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time. * @type {number} * @memberof OidcUserInfo */ 'updated_at'?: number; /** * URL of the End-User\'s Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with. * @type {string} * @memberof OidcUserInfo */ 'website'?: string; /** * String from zoneinfo [zoneinfo] time zone database representing the End-User\'s time zone. For example, Europe/Paris or America/Los_Angeles. * @type {string} * @memberof OidcUserInfo */ 'zoneinfo'?: string; } /** * * @export * @interface Pagination */ export interface Pagination { /** * Items per page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {number} * @memberof Pagination */ 'page_size'?: number; /** * Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {string} * @memberof Pagination */ 'page_token'?: string; } /** * * @export * @interface PaginationHeaders */ export interface PaginationHeaders { /** * The link header contains pagination links. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). in: header * @type {string} * @memberof PaginationHeaders */ 'link'?: string; /** * The total number of clients. in: header * @type {string} * @memberof PaginationHeaders */ 'x-total-count'?: string; } /** * * @export * @interface RFC6749ErrorJson */ export interface RFC6749ErrorJson { /** * * @type {string} * @memberof RFC6749ErrorJson */ 'error'?: string; /** * * @type {string} * @memberof RFC6749ErrorJson */ 'error_debug'?: string; /** * * @type {string} * @memberof RFC6749ErrorJson */ 'error_description'?: string; /** * * @type {string} * @memberof RFC6749ErrorJson */ 'error_hint'?: string; /** * * @type {number} * @memberof RFC6749ErrorJson */ 'status_code'?: number; } /** * * @export * @interface RejectOAuth2Request */ export interface RejectOAuth2Request { /** * The error should follow the OAuth2 error format (e.g. `invalid_request`, `login_required`). Defaults to `request_denied`. * @type {string} * @memberof RejectOAuth2Request */ 'error'?: string; /** * Debug contains information to help resolve the problem as a developer. Usually not exposed to the public but only in the server logs. * @type {string} * @memberof RejectOAuth2Request */ 'error_debug'?: string; /** * Description of the error in a human readable format. * @type {string} * @memberof RejectOAuth2Request */ 'error_description'?: string; /** * Hint to help resolve the error. * @type {string} * @memberof RejectOAuth2Request */ 'error_hint'?: string; /** * Represents the HTTP status code of the error (e.g. 401 or 403) Defaults to 400 * @type {number} * @memberof RejectOAuth2Request */ 'status_code'?: number; } /** * * @export * @interface TokenPagination */ export interface TokenPagination { /** * Items per page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {number} * @memberof TokenPagination */ 'page_size'?: number; /** * Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {string} * @memberof TokenPagination */ 'page_token'?: string; } /** * * @export * @interface TokenPaginationHeaders */ export interface TokenPaginationHeaders { /** * The link header contains pagination links. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). in: header * @type {string} * @memberof TokenPaginationHeaders */ 'link'?: string; /** * The total number of clients. in: header * @type {string} * @memberof TokenPaginationHeaders */ 'x-total-count'?: string; } /** * The `Link` HTTP header contains multiple links (`first`, `next`, `last`, `previous`) formatted as: `; rel=\"{page}\"` For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @export * @interface TokenPaginationRequestParameters */ export interface TokenPaginationRequestParameters { /** * Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {number} * @memberof TokenPaginationRequestParameters */ 'page_size'?: number; /** * Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {string} * @memberof TokenPaginationRequestParameters */ 'page_token'?: string; } /** * The `Link` HTTP header contains multiple links (`first`, `next`, `last`, `previous`) formatted as: `; rel=\"{page}\"` For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @export * @interface TokenPaginationResponseHeaders */ export interface TokenPaginationResponseHeaders { /** * The Link HTTP Header The `Link` header contains a comma-delimited list of links to the following pages: first: The first page of results. next: The next page of results. prev: The previous page of results. last: The last page of results. Pages are omitted if they do not exist. For example, if there is no next page, the `next` link is omitted. Examples: ; rel=\"first\",; rel=\"next\",; rel=\"prev\",; rel=\"last\" * @type {string} * @memberof TokenPaginationResponseHeaders */ 'link'?: string; /** * The X-Total-Count HTTP Header The `X-Total-Count` header contains the total number of items in the collection. * @type {number} * @memberof TokenPaginationResponseHeaders */ 'x-total-count'?: number; } /** * Trust OAuth2 JWT Bearer Grant Type Issuer Request Body * @export * @interface TrustOAuth2JwtGrantIssuer */ export interface TrustOAuth2JwtGrantIssuer { /** * The \"allow_any_subject\" indicates that the issuer is allowed to have any principal as the subject of the JWT. * @type {boolean} * @memberof TrustOAuth2JwtGrantIssuer */ 'allow_any_subject'?: boolean; /** * The \"expires_at\" indicates, when grant will expire, so we will reject assertion from \"issuer\" targeting \"subject\". * @type {string} * @memberof TrustOAuth2JwtGrantIssuer */ 'expires_at': string; /** * The \"issuer\" identifies the principal that issued the JWT assertion (same as \"iss\" claim in JWT). * @type {string} * @memberof TrustOAuth2JwtGrantIssuer */ 'issuer': string; /** * * @type {JsonWebKey} * @memberof TrustOAuth2JwtGrantIssuer */ 'jwk': JsonWebKey; /** * The \"scope\" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) * @type {Array} * @memberof TrustOAuth2JwtGrantIssuer */ 'scope': Array; /** * The \"subject\" identifies the principal that is the subject of the JWT. * @type {string} * @memberof TrustOAuth2JwtGrantIssuer */ 'subject'?: string; } /** * OAuth2 JWT Bearer Grant Type Issuer Trust Relationship * @export * @interface TrustedOAuth2JwtGrantIssuer */ export interface TrustedOAuth2JwtGrantIssuer { /** * The \"allow_any_subject\" indicates that the issuer is allowed to have any principal as the subject of the JWT. * @type {boolean} * @memberof TrustedOAuth2JwtGrantIssuer */ 'allow_any_subject'?: boolean; /** * The \"created_at\" indicates, when grant was created. * @type {string} * @memberof TrustedOAuth2JwtGrantIssuer */ 'created_at'?: string; /** * The \"expires_at\" indicates, when grant will expire, so we will reject assertion from \"issuer\" targeting \"subject\". * @type {string} * @memberof TrustedOAuth2JwtGrantIssuer */ 'expires_at'?: string; /** * * @type {string} * @memberof TrustedOAuth2JwtGrantIssuer */ 'id'?: string; /** * The \"issuer\" identifies the principal that issued the JWT assertion (same as \"iss\" claim in JWT). * @type {string} * @memberof TrustedOAuth2JwtGrantIssuer */ 'issuer'?: string; /** * * @type {TrustedOAuth2JwtGrantJsonWebKey} * @memberof TrustedOAuth2JwtGrantIssuer */ 'public_key'?: TrustedOAuth2JwtGrantJsonWebKey; /** * The \"scope\" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) * @type {Array} * @memberof TrustedOAuth2JwtGrantIssuer */ 'scope'?: Array; /** * The \"subject\" identifies the principal that is the subject of the JWT. * @type {string} * @memberof TrustedOAuth2JwtGrantIssuer */ 'subject'?: string; } /** * OAuth2 JWT Bearer Grant Type Issuer Trusted JSON Web Key * @export * @interface TrustedOAuth2JwtGrantJsonWebKey */ export interface TrustedOAuth2JwtGrantJsonWebKey { /** * The \"key_id\" is key unique identifier (same as kid header in jws/jwt). * @type {string} * @memberof TrustedOAuth2JwtGrantJsonWebKey */ 'kid'?: string; /** * The \"set\" is basically a name for a group(set) of keys. Will be the same as \"issuer\" in grant. * @type {string} * @memberof TrustedOAuth2JwtGrantJsonWebKey */ 'set'?: string; } /** * * @export * @interface VerifiableCredentialPrimingResponse */ export interface VerifiableCredentialPrimingResponse { /** * * @type {string} * @memberof VerifiableCredentialPrimingResponse */ 'c_nonce'?: string; /** * * @type {number} * @memberof VerifiableCredentialPrimingResponse */ 'c_nonce_expires_in'?: number; /** * * @type {string} * @memberof VerifiableCredentialPrimingResponse */ 'error'?: string; /** * * @type {string} * @memberof VerifiableCredentialPrimingResponse */ 'error_debug'?: string; /** * * @type {string} * @memberof VerifiableCredentialPrimingResponse */ 'error_description'?: string; /** * * @type {string} * @memberof VerifiableCredentialPrimingResponse */ 'error_hint'?: string; /** * * @type {string} * @memberof VerifiableCredentialPrimingResponse */ 'format'?: string; /** * * @type {number} * @memberof VerifiableCredentialPrimingResponse */ 'status_code'?: number; } /** * * @export * @interface VerifiableCredentialProof */ export interface VerifiableCredentialProof { /** * * @type {string} * @memberof VerifiableCredentialProof */ 'jwt'?: string; /** * * @type {string} * @memberof VerifiableCredentialProof */ 'proof_type'?: string; } /** * * @export * @interface VerifiableCredentialResponse */ export interface VerifiableCredentialResponse { /** * * @type {string} * @memberof VerifiableCredentialResponse */ 'credential_draft_00'?: string; /** * * @type {string} * @memberof VerifiableCredentialResponse */ 'format'?: string; } /** * * @export * @interface VerifyUserCodeRequest */ export interface VerifyUserCodeRequest { /** * ID is the identifier (\"device challenge\") of the device request. It is used to identify the session. * @type {string} * @memberof VerifyUserCodeRequest */ 'challenge'?: string; /** * * @type {OAuth2Client} * @memberof VerifyUserCodeRequest */ 'client'?: OAuth2Client; /** * * @type {string} * @memberof VerifyUserCodeRequest */ 'device_code_request_id'?: string; /** * * @type {string} * @memberof VerifyUserCodeRequest */ 'handled_at'?: string; /** * RequestURL is the original Device Authorization URL requested. * @type {string} * @memberof VerifyUserCodeRequest */ 'request_url'?: string; /** * * @type {Array} * @memberof VerifyUserCodeRequest */ 'requested_access_token_audience'?: Array; /** * * @type {Array} * @memberof VerifyUserCodeRequest */ 'requested_scope'?: Array; } /** * * @export * @interface Version */ export interface Version { /** * Version is the service\'s version. * @type {string} * @memberof Version */ 'version'?: string; } /** * JwkApi - axios parameter creator * @export */ export const JwkApiAxiosParamCreator = function (configuration?: Configuration) { return { /** * This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Create JSON Web Key * @param {string} set The JSON Web Key Set ID * @param {CreateJsonWebKeySet} createJsonWebKeySet * @param {*} [options] Override http request option. * @throws {RequiredError} */ createJsonWebKeySet: async (set: string, createJsonWebKeySet: CreateJsonWebKeySet, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'set' is not null or undefined assertParamExists('createJsonWebKeySet', 'set', set) // verify required parameter 'createJsonWebKeySet' is not null or undefined assertParamExists('createJsonWebKeySet', 'createJsonWebKeySet', createJsonWebKeySet) const localVarPath = `/admin/keys/{set}` .replace(`{${"set"}}`, encodeURIComponent(String(set))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(createJsonWebKeySet, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this endpoint to delete a single JSON Web Key. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Delete JSON Web Key * @param {string} set The JSON Web Key Set * @param {string} kid The JSON Web Key ID (kid) * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteJsonWebKey: async (set: string, kid: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'set' is not null or undefined assertParamExists('deleteJsonWebKey', 'set', set) // verify required parameter 'kid' is not null or undefined assertParamExists('deleteJsonWebKey', 'kid', kid) const localVarPath = `/admin/keys/{set}/{kid}` .replace(`{${"set"}}`, encodeURIComponent(String(set))) .replace(`{${"kid"}}`, encodeURIComponent(String(kid))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Delete JSON Web Key Set * @param {string} set The JSON Web Key Set * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteJsonWebKeySet: async (set: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'set' is not null or undefined assertParamExists('deleteJsonWebKeySet', 'set', set) const localVarPath = `/admin/keys/{set}` .replace(`{${"set"}}`, encodeURIComponent(String(set))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and the specific key ID (kid). * @summary Get JSON Web Key * @param {string} set JSON Web Key Set ID * @param {string} kid JSON Web Key ID * @param {*} [options] Override http request option. * @throws {RequiredError} */ getJsonWebKey: async (set: string, kid: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'set' is not null or undefined assertParamExists('getJsonWebKey', 'set', set) // verify required parameter 'kid' is not null or undefined assertParamExists('getJsonWebKey', 'kid', kid) const localVarPath = `/admin/keys/{set}/{kid}` .replace(`{${"set"}}`, encodeURIComponent(String(set))) .replace(`{${"kid"}}`, encodeURIComponent(String(kid))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Retrieve a JSON Web Key Set * @param {string} set JSON Web Key Set ID * @param {*} [options] Override http request option. * @throws {RequiredError} */ getJsonWebKeySet: async (set: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'set' is not null or undefined assertParamExists('getJsonWebKeySet', 'set', set) const localVarPath = `/admin/keys/{set}` .replace(`{${"set"}}`, encodeURIComponent(String(set))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Set JSON Web Key * @param {string} set The JSON Web Key Set ID * @param {string} kid JSON Web Key ID * @param {JsonWebKey} [jsonWebKey] * @param {*} [options] Override http request option. * @throws {RequiredError} */ setJsonWebKey: async (set: string, kid: string, jsonWebKey?: JsonWebKey, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'set' is not null or undefined assertParamExists('setJsonWebKey', 'set', set) // verify required parameter 'kid' is not null or undefined assertParamExists('setJsonWebKey', 'kid', kid) const localVarPath = `/admin/keys/{set}/{kid}` .replace(`{${"set"}}`, encodeURIComponent(String(set))) .replace(`{${"kid"}}`, encodeURIComponent(String(kid))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(jsonWebKey, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Update a JSON Web Key Set * @param {string} set The JSON Web Key Set ID * @param {JsonWebKeySet} [jsonWebKeySet] * @param {*} [options] Override http request option. * @throws {RequiredError} */ setJsonWebKeySet: async (set: string, jsonWebKeySet?: JsonWebKeySet, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'set' is not null or undefined assertParamExists('setJsonWebKeySet', 'set', set) const localVarPath = `/admin/keys/{set}` .replace(`{${"set"}}`, encodeURIComponent(String(set))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(jsonWebKeySet, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, } }; /** * JwkApi - functional programming interface * @export */ export const JwkApiFp = function(configuration?: Configuration) { const localVarAxiosParamCreator = JwkApiAxiosParamCreator(configuration) return { /** * This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Create JSON Web Key * @param {string} set The JSON Web Key Set ID * @param {CreateJsonWebKeySet} createJsonWebKeySet * @param {*} [options] Override http request option. * @throws {RequiredError} */ async createJsonWebKeySet(set: string, createJsonWebKeySet: CreateJsonWebKeySet, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.createJsonWebKeySet(set, createJsonWebKeySet, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['JwkApi.createJsonWebKeySet']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this endpoint to delete a single JSON Web Key. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Delete JSON Web Key * @param {string} set The JSON Web Key Set * @param {string} kid The JSON Web Key ID (kid) * @param {*} [options] Override http request option. * @throws {RequiredError} */ async deleteJsonWebKey(set: string, kid: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.deleteJsonWebKey(set, kid, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['JwkApi.deleteJsonWebKey']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Delete JSON Web Key Set * @param {string} set The JSON Web Key Set * @param {*} [options] Override http request option. * @throws {RequiredError} */ async deleteJsonWebKeySet(set: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.deleteJsonWebKeySet(set, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['JwkApi.deleteJsonWebKeySet']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and the specific key ID (kid). * @summary Get JSON Web Key * @param {string} set JSON Web Key Set ID * @param {string} kid JSON Web Key ID * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getJsonWebKey(set: string, kid: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getJsonWebKey(set, kid, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['JwkApi.getJsonWebKey']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Retrieve a JSON Web Key Set * @param {string} set JSON Web Key Set ID * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getJsonWebKeySet(set: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getJsonWebKeySet(set, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['JwkApi.getJsonWebKeySet']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Set JSON Web Key * @param {string} set The JSON Web Key Set ID * @param {string} kid JSON Web Key ID * @param {JsonWebKey} [jsonWebKey] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async setJsonWebKey(set: string, kid: string, jsonWebKey?: JsonWebKey, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.setJsonWebKey(set, kid, jsonWebKey, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['JwkApi.setJsonWebKey']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Update a JSON Web Key Set * @param {string} set The JSON Web Key Set ID * @param {JsonWebKeySet} [jsonWebKeySet] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async setJsonWebKeySet(set: string, jsonWebKeySet?: JsonWebKeySet, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.setJsonWebKeySet(set, jsonWebKeySet, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['JwkApi.setJsonWebKeySet']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, } }; /** * JwkApi - factory interface * @export */ export const JwkApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) { const localVarFp = JwkApiFp(configuration) return { /** * This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Create JSON Web Key * @param {JwkApiCreateJsonWebKeySetRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ createJsonWebKeySet(requestParameters: JwkApiCreateJsonWebKeySetRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.createJsonWebKeySet(requestParameters.set, requestParameters.createJsonWebKeySet, options).then((request) => request(axios, basePath)); }, /** * Use this endpoint to delete a single JSON Web Key. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Delete JSON Web Key * @param {JwkApiDeleteJsonWebKeyRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteJsonWebKey(requestParameters: JwkApiDeleteJsonWebKeyRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.deleteJsonWebKey(requestParameters.set, requestParameters.kid, options).then((request) => request(axios, basePath)); }, /** * Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Delete JSON Web Key Set * @param {JwkApiDeleteJsonWebKeySetRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteJsonWebKeySet(requestParameters: JwkApiDeleteJsonWebKeySetRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.deleteJsonWebKeySet(requestParameters.set, options).then((request) => request(axios, basePath)); }, /** * This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and the specific key ID (kid). * @summary Get JSON Web Key * @param {JwkApiGetJsonWebKeyRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getJsonWebKey(requestParameters: JwkApiGetJsonWebKeyRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getJsonWebKey(requestParameters.set, requestParameters.kid, options).then((request) => request(axios, basePath)); }, /** * This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Retrieve a JSON Web Key Set * @param {JwkApiGetJsonWebKeySetRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getJsonWebKeySet(requestParameters: JwkApiGetJsonWebKeySetRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getJsonWebKeySet(requestParameters.set, options).then((request) => request(axios, basePath)); }, /** * Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Set JSON Web Key * @param {JwkApiSetJsonWebKeyRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ setJsonWebKey(requestParameters: JwkApiSetJsonWebKeyRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.setJsonWebKey(requestParameters.set, requestParameters.kid, requestParameters.jsonWebKey, options).then((request) => request(axios, basePath)); }, /** * Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Update a JSON Web Key Set * @param {JwkApiSetJsonWebKeySetRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ setJsonWebKeySet(requestParameters: JwkApiSetJsonWebKeySetRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.setJsonWebKeySet(requestParameters.set, requestParameters.jsonWebKeySet, options).then((request) => request(axios, basePath)); }, }; }; /** * Request parameters for createJsonWebKeySet operation in JwkApi. * @export * @interface JwkApiCreateJsonWebKeySetRequest */ export interface JwkApiCreateJsonWebKeySetRequest { /** * The JSON Web Key Set ID * @type {string} * @memberof JwkApiCreateJsonWebKeySet */ readonly set: string /** * * @type {CreateJsonWebKeySet} * @memberof JwkApiCreateJsonWebKeySet */ readonly createJsonWebKeySet: CreateJsonWebKeySet } /** * Request parameters for deleteJsonWebKey operation in JwkApi. * @export * @interface JwkApiDeleteJsonWebKeyRequest */ export interface JwkApiDeleteJsonWebKeyRequest { /** * The JSON Web Key Set * @type {string} * @memberof JwkApiDeleteJsonWebKey */ readonly set: string /** * The JSON Web Key ID (kid) * @type {string} * @memberof JwkApiDeleteJsonWebKey */ readonly kid: string } /** * Request parameters for deleteJsonWebKeySet operation in JwkApi. * @export * @interface JwkApiDeleteJsonWebKeySetRequest */ export interface JwkApiDeleteJsonWebKeySetRequest { /** * The JSON Web Key Set * @type {string} * @memberof JwkApiDeleteJsonWebKeySet */ readonly set: string } /** * Request parameters for getJsonWebKey operation in JwkApi. * @export * @interface JwkApiGetJsonWebKeyRequest */ export interface JwkApiGetJsonWebKeyRequest { /** * JSON Web Key Set ID * @type {string} * @memberof JwkApiGetJsonWebKey */ readonly set: string /** * JSON Web Key ID * @type {string} * @memberof JwkApiGetJsonWebKey */ readonly kid: string } /** * Request parameters for getJsonWebKeySet operation in JwkApi. * @export * @interface JwkApiGetJsonWebKeySetRequest */ export interface JwkApiGetJsonWebKeySetRequest { /** * JSON Web Key Set ID * @type {string} * @memberof JwkApiGetJsonWebKeySet */ readonly set: string } /** * Request parameters for setJsonWebKey operation in JwkApi. * @export * @interface JwkApiSetJsonWebKeyRequest */ export interface JwkApiSetJsonWebKeyRequest { /** * The JSON Web Key Set ID * @type {string} * @memberof JwkApiSetJsonWebKey */ readonly set: string /** * JSON Web Key ID * @type {string} * @memberof JwkApiSetJsonWebKey */ readonly kid: string /** * * @type {JsonWebKey} * @memberof JwkApiSetJsonWebKey */ readonly jsonWebKey?: JsonWebKey } /** * Request parameters for setJsonWebKeySet operation in JwkApi. * @export * @interface JwkApiSetJsonWebKeySetRequest */ export interface JwkApiSetJsonWebKeySetRequest { /** * The JSON Web Key Set ID * @type {string} * @memberof JwkApiSetJsonWebKeySet */ readonly set: string /** * * @type {JsonWebKeySet} * @memberof JwkApiSetJsonWebKeySet */ readonly jsonWebKeySet?: JsonWebKeySet } /** * JwkApi - object-oriented interface * @export * @class JwkApi * @extends {BaseAPI} */ export class JwkApi extends BaseAPI { /** * This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Create JSON Web Key * @param {JwkApiCreateJsonWebKeySetRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof JwkApi */ public createJsonWebKeySet(requestParameters: JwkApiCreateJsonWebKeySetRequest, options?: RawAxiosRequestConfig) { return JwkApiFp(this.configuration).createJsonWebKeySet(requestParameters.set, requestParameters.createJsonWebKeySet, options).then((request) => request(this.axios, this.basePath)); } /** * Use this endpoint to delete a single JSON Web Key. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Delete JSON Web Key * @param {JwkApiDeleteJsonWebKeyRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof JwkApi */ public deleteJsonWebKey(requestParameters: JwkApiDeleteJsonWebKeyRequest, options?: RawAxiosRequestConfig) { return JwkApiFp(this.configuration).deleteJsonWebKey(requestParameters.set, requestParameters.kid, options).then((request) => request(this.axios, this.basePath)); } /** * Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Delete JSON Web Key Set * @param {JwkApiDeleteJsonWebKeySetRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof JwkApi */ public deleteJsonWebKeySet(requestParameters: JwkApiDeleteJsonWebKeySetRequest, options?: RawAxiosRequestConfig) { return JwkApiFp(this.configuration).deleteJsonWebKeySet(requestParameters.set, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and the specific key ID (kid). * @summary Get JSON Web Key * @param {JwkApiGetJsonWebKeyRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof JwkApi */ public getJsonWebKey(requestParameters: JwkApiGetJsonWebKeyRequest, options?: RawAxiosRequestConfig) { return JwkApiFp(this.configuration).getJsonWebKey(requestParameters.set, requestParameters.kid, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Retrieve a JSON Web Key Set * @param {JwkApiGetJsonWebKeySetRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof JwkApi */ public getJsonWebKeySet(requestParameters: JwkApiGetJsonWebKeySetRequest, options?: RawAxiosRequestConfig) { return JwkApiFp(this.configuration).getJsonWebKeySet(requestParameters.set, options).then((request) => request(this.axios, this.basePath)); } /** * Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Set JSON Web Key * @param {JwkApiSetJsonWebKeyRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof JwkApi */ public setJsonWebKey(requestParameters: JwkApiSetJsonWebKeyRequest, options?: RawAxiosRequestConfig) { return JwkApiFp(this.configuration).setJsonWebKey(requestParameters.set, requestParameters.kid, requestParameters.jsonWebKey, options).then((request) => request(this.axios, this.basePath)); } /** * Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. * @summary Update a JSON Web Key Set * @param {JwkApiSetJsonWebKeySetRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof JwkApi */ public setJsonWebKeySet(requestParameters: JwkApiSetJsonWebKeySetRequest, options?: RawAxiosRequestConfig) { return JwkApiFp(this.configuration).setJsonWebKeySet(requestParameters.set, requestParameters.jsonWebKeySet, options).then((request) => request(this.axios, this.basePath)); } } /** * MetadataApi - axios parameter creator * @export */ export const MetadataApiAxiosParamCreator = function (configuration?: Configuration) { return { /** * This endpoint returns the version of Ory Hydra. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of this service, the version will never refer to the cluster state, only to a single instance. * @summary Return Running Software Version. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getVersion: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/version`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming HTTP requests. This status does currently not include checks whether the database connection is working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of this service, the health status will never refer to the cluster state, only to a single instance. * @summary Check HTTP Server Status * @param {*} [options] Override http request option. * @throws {RequiredError} */ isAlive: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/health/alive`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment dependencies (e.g. the database) are responsive as well. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of Ory Hydra, the health status will never refer to the cluster state, only to a single instance. * @summary Check HTTP Server and Database Status * @param {*} [options] Override http request option. * @throws {RequiredError} */ isReady: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/health/ready`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, } }; /** * MetadataApi - functional programming interface * @export */ export const MetadataApiFp = function(configuration?: Configuration) { const localVarAxiosParamCreator = MetadataApiAxiosParamCreator(configuration) return { /** * This endpoint returns the version of Ory Hydra. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of this service, the version will never refer to the cluster state, only to a single instance. * @summary Return Running Software Version. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getVersion(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getVersion(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['MetadataApi.getVersion']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming HTTP requests. This status does currently not include checks whether the database connection is working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of this service, the health status will never refer to the cluster state, only to a single instance. * @summary Check HTTP Server Status * @param {*} [options] Override http request option. * @throws {RequiredError} */ async isAlive(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.isAlive(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['MetadataApi.isAlive']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment dependencies (e.g. the database) are responsive as well. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of Ory Hydra, the health status will never refer to the cluster state, only to a single instance. * @summary Check HTTP Server and Database Status * @param {*} [options] Override http request option. * @throws {RequiredError} */ async isReady(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.isReady(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['MetadataApi.isReady']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, } }; /** * MetadataApi - factory interface * @export */ export const MetadataApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) { const localVarFp = MetadataApiFp(configuration) return { /** * This endpoint returns the version of Ory Hydra. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of this service, the version will never refer to the cluster state, only to a single instance. * @summary Return Running Software Version. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getVersion(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getVersion(options).then((request) => request(axios, basePath)); }, /** * This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming HTTP requests. This status does currently not include checks whether the database connection is working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of this service, the health status will never refer to the cluster state, only to a single instance. * @summary Check HTTP Server Status * @param {*} [options] Override http request option. * @throws {RequiredError} */ isAlive(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.isAlive(options).then((request) => request(axios, basePath)); }, /** * This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment dependencies (e.g. the database) are responsive as well. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of Ory Hydra, the health status will never refer to the cluster state, only to a single instance. * @summary Check HTTP Server and Database Status * @param {*} [options] Override http request option. * @throws {RequiredError} */ isReady(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.isReady(options).then((request) => request(axios, basePath)); }, }; }; /** * MetadataApi - object-oriented interface * @export * @class MetadataApi * @extends {BaseAPI} */ export class MetadataApi extends BaseAPI { /** * This endpoint returns the version of Ory Hydra. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of this service, the version will never refer to the cluster state, only to a single instance. * @summary Return Running Software Version. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof MetadataApi */ public getVersion(options?: RawAxiosRequestConfig) { return MetadataApiFp(this.configuration).getVersion(options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming HTTP requests. This status does currently not include checks whether the database connection is working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of this service, the health status will never refer to the cluster state, only to a single instance. * @summary Check HTTP Server Status * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof MetadataApi */ public isAlive(options?: RawAxiosRequestConfig) { return MetadataApiFp(this.configuration).isAlive(options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment dependencies (e.g. the database) are responsive as well. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. Be aware that if you are running multiple nodes of Ory Hydra, the health status will never refer to the cluster state, only to a single instance. * @summary Check HTTP Server and Database Status * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof MetadataApi */ public isReady(options?: RawAxiosRequestConfig) { return MetadataApiFp(this.configuration).isReady(options).then((request) => request(this.axios, this.basePath)); } } /** * OAuth2Api - axios parameter creator * @export */ export const OAuth2ApiAxiosParamCreator = function (configuration?: Configuration) { return { /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Accept OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {AcceptOAuth2ConsentRequest} [acceptOAuth2ConsentRequest] * @param {*} [options] Override http request option. * @throws {RequiredError} */ acceptOAuth2ConsentRequest: async (consentChallenge: string, acceptOAuth2ConsentRequest?: AcceptOAuth2ConsentRequest, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'consentChallenge' is not null or undefined assertParamExists('acceptOAuth2ConsentRequest', 'consentChallenge', consentChallenge) const localVarPath = `/admin/oauth2/auth/requests/consent/accept`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (consentChallenge !== undefined) { localVarQueryParameter['consent_challenge'] = consentChallenge; } localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(acceptOAuth2ConsentRequest, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has successfully authenticated and includes additional information such as the subject\'s ID and if Ory should remember the subject\'s subject agent for future authentication attempts by setting a cookie. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {AcceptOAuth2LoginRequest} [acceptOAuth2LoginRequest] * @param {*} [options] Override http request option. * @throws {RequiredError} */ acceptOAuth2LoginRequest: async (loginChallenge: string, acceptOAuth2LoginRequest?: AcceptOAuth2LoginRequest, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'loginChallenge' is not null or undefined assertParamExists('acceptOAuth2LoginRequest', 'loginChallenge', loginChallenge) const localVarPath = `/admin/oauth2/auth/requests/login/accept`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (loginChallenge !== undefined) { localVarQueryParameter['login_challenge'] = loginChallenge; } localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(acceptOAuth2LoginRequest, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to confirm that logout request. The response contains a redirect URL which the consent provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Session Logout Request * @param {string} logoutChallenge OAuth 2.0 Logout Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ acceptOAuth2LogoutRequest: async (logoutChallenge: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'logoutChallenge' is not null or undefined assertParamExists('acceptOAuth2LogoutRequest', 'logoutChallenge', logoutChallenge) const localVarPath = `/admin/oauth2/auth/requests/logout/accept`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (logoutChallenge !== undefined) { localVarQueryParameter['logout_challenge'] = logoutChallenge; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Accepts a device grant user_code request * @summary Accepts a device grant user_code request * @param {string} deviceChallenge * @param {AcceptDeviceUserCodeRequest} [acceptDeviceUserCodeRequest] * @param {*} [options] Override http request option. * @throws {RequiredError} */ acceptUserCodeRequest: async (deviceChallenge: string, acceptDeviceUserCodeRequest?: AcceptDeviceUserCodeRequest, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'deviceChallenge' is not null or undefined assertParamExists('acceptUserCodeRequest', 'deviceChallenge', deviceChallenge) const localVarPath = `/admin/oauth2/auth/requests/device/accept`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (deviceChallenge !== undefined) { localVarQueryParameter['device_challenge'] = deviceChallenge; } localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(acceptDeviceUserCodeRequest, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on. * @summary Create OAuth 2.0 Client * @param {OAuth2Client} oAuth2Client OAuth 2.0 Client Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ createOAuth2Client: async (oAuth2Client: OAuth2Client, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'oAuth2Client' is not null or undefined assertParamExists('createOAuth2Client', 'oAuth2Client', oAuth2Client) const localVarPath = `/admin/clients`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(oAuth2Client, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Delete an existing OAuth 2.0 Client by its ID. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. Make sure that this endpoint is well protected and only callable by first-party components. * @summary Delete OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteOAuth2Client: async (id: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('deleteOAuth2Client', 'id', id) const localVarPath = `/admin/clients/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. * @summary Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client * @param {string} clientId OAuth 2.0 Client ID * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteOAuth2Token: async (clientId: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'clientId' is not null or undefined assertParamExists('deleteOAuth2Token', 'clientId', clientId) const localVarPath = `/admin/oauth2/tokens`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (clientId !== undefined) { localVarQueryParameter['client_id'] = clientId; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grant. * @summary Delete Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {string} id The id of the desired grant * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteTrustedOAuth2JwtGrantIssuer: async (id: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('deleteTrustedOAuth2JwtGrantIssuer', 'id', id) const localVarPath = `/admin/trust/grants/jwt-bearer/issuers/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Get an OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOAuth2Client: async (id: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('getOAuth2Client', 'id', id) const localVarPath = `/admin/clients/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Get OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOAuth2ConsentRequest: async (consentChallenge: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'consentChallenge' is not null or undefined assertParamExists('getOAuth2ConsentRequest', 'consentChallenge', consentChallenge) const localVarPath = `/admin/oauth2/auth/requests/consent`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (consentChallenge !== undefined) { localVarQueryParameter['consent_challenge'] = consentChallenge; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. Per default, the login provider is Ory itself. You may use a different login provider which needs to be a web-app you write and host, and it must be able to authenticate (\"show the subject a login screen\") a subject (in OAuth2 the proper name for subject is \"resource owner\"). The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. * @summary Get OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOAuth2LoginRequest: async (loginChallenge: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'loginChallenge' is not null or undefined assertParamExists('getOAuth2LoginRequest', 'loginChallenge', loginChallenge) const localVarPath = `/admin/oauth2/auth/requests/login`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (loginChallenge !== undefined) { localVarQueryParameter['login_challenge'] = loginChallenge; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this endpoint to fetch an Ory OAuth 2.0 logout request. * @summary Get OAuth 2.0 Session Logout Request * @param {string} logoutChallenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOAuth2LogoutRequest: async (logoutChallenge: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'logoutChallenge' is not null or undefined assertParamExists('getOAuth2LogoutRequest', 'logoutChallenge', logoutChallenge) const localVarPath = `/admin/oauth2/auth/requests/logout`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (logoutChallenge !== undefined) { localVarQueryParameter['logout_challenge'] = logoutChallenge; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. * @summary Get Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {string} id The id of the desired grant * @param {*} [options] Override http request option. * @throws {RequiredError} */ getTrustedOAuth2JwtGrantIssuer: async (id: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('getTrustedOAuth2JwtGrantIssuer', 'id', id) const localVarPath = `/admin/trust/grants/jwt-bearer/issuers/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `session.access_token` during the consent flow. * @summary Introspect OAuth2 Access and Refresh Tokens * @param {string} token The string value of the token. For access tokens, this is the \\\"access_token\\\" value returned from the token endpoint defined in OAuth 2.0. For refresh tokens, this is the \\\"refresh_token\\\" value returned. * @param {string} [scope] An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. * @param {*} [options] Override http request option. * @throws {RequiredError} */ introspectOAuth2Token: async (token: string, scope?: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'token' is not null or undefined assertParamExists('introspectOAuth2Token', 'token', token) const localVarPath = `/admin/oauth2/introspect`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; const localVarFormParams = new URLSearchParams(); if (scope !== undefined) { localVarFormParams.set('scope', scope as any); } if (token !== undefined) { localVarFormParams.set('token', token as any); } localVarHeaderParameter['Content-Type'] = 'application/x-www-form-urlencoded'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = localVarFormParams.toString(); return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients. * @summary List OAuth 2.0 Clients * @param {number} [pageSize] Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [pageToken] Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [clientName] The name of the clients to filter by. * @param {string} [owner] The owner of the clients to filter by. * @param {*} [options] Override http request option. * @throws {RequiredError} */ listOAuth2Clients: async (pageSize?: number, pageToken?: string, clientName?: string, owner?: string, options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/admin/clients`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (pageSize !== undefined) { localVarQueryParameter['page_size'] = pageSize; } if (pageToken !== undefined) { localVarQueryParameter['page_token'] = pageToken; } if (clientName !== undefined) { localVarQueryParameter['client_name'] = clientName; } if (owner !== undefined) { localVarQueryParameter['owner'] = owner; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint lists all subject\'s granted consent sessions, including client and granted scope. If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an empty JSON array with status code 200 OK. * @summary List OAuth 2.0 Consent Sessions of a Subject * @param {string} subject The subject to list the consent sessions for. * @param {number} [pageSize] Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [pageToken] Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [loginSessionId] The login session id to list the consent sessions for. * @param {*} [options] Override http request option. * @throws {RequiredError} */ listOAuth2ConsentSessions: async (subject: string, pageSize?: number, pageToken?: string, loginSessionId?: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'subject' is not null or undefined assertParamExists('listOAuth2ConsentSessions', 'subject', subject) const localVarPath = `/admin/oauth2/auth/sessions/consent`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (pageSize !== undefined) { localVarQueryParameter['page_size'] = pageSize; } if (pageToken !== undefined) { localVarQueryParameter['page_token'] = pageToken; } if (subject !== undefined) { localVarQueryParameter['subject'] = subject; } if (loginSessionId !== undefined) { localVarQueryParameter['login_session_id'] = loginSessionId; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. * @summary List Trusted OAuth2 JWT Bearer Grant Type Issuers * @param {number} [maxItems] * @param {number} [defaultItems] * @param {string} [issuer] If optional \"issuer\" is supplied, only jwt-bearer grants with this issuer will be returned. * @param {*} [options] Override http request option. * @throws {RequiredError} */ listTrustedOAuth2JwtGrantIssuers: async (maxItems?: number, defaultItems?: number, issuer?: string, options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/admin/trust/grants/jwt-bearer/issuers`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (maxItems !== undefined) { localVarQueryParameter['MaxItems'] = maxItems; } if (defaultItems !== undefined) { localVarQueryParameter['DefaultItems'] = defaultItems; } if (issuer !== undefined) { localVarQueryParameter['issuer'] = issuer; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries at https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary OAuth 2.0 Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ oAuth2Authorize: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/oauth2/auth`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc8628 * @summary The OAuth 2.0 Device Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ oAuth2DeviceFlow: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/oauth2/device/auth`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries here https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary The OAuth 2.0 Token Endpoint * @param {string} grantType * @param {string} [clientId] * @param {string} [code] * @param {string} [redirectUri] * @param {string} [refreshToken] * @param {*} [options] Override http request option. * @throws {RequiredError} */ oauth2TokenExchange: async (grantType: string, clientId?: string, code?: string, redirectUri?: string, refreshToken?: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'grantType' is not null or undefined assertParamExists('oauth2TokenExchange', 'grantType', grantType) const localVarPath = `/oauth2/token`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; const localVarFormParams = new URLSearchParams(); // authentication basic required // http basic authentication required setBasicAuthToObject(localVarRequestOptions, configuration) // authentication oauth2 required // oauth required await setOAuthToObject(localVarHeaderParameter, "oauth2", [], configuration) if (clientId !== undefined) { localVarFormParams.set('client_id', clientId as any); } if (code !== undefined) { localVarFormParams.set('code', code as any); } if (grantType !== undefined) { localVarFormParams.set('grant_type', grantType as any); } if (redirectUri !== undefined) { localVarFormParams.set('redirect_uri', redirectUri as any); } if (refreshToken !== undefined) { localVarFormParams.set('refresh_token', refreshToken as any); } localVarHeaderParameter['Content-Type'] = 'application/x-www-form-urlencoded'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = localVarFormParams.toString(); return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Patch OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {Array} jsonPatch OAuth 2.0 Client JSON Patch Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ patchOAuth2Client: async (id: string, jsonPatch: Array, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('patchOAuth2Client', 'id', id) // verify required parameter 'jsonPatch' is not null or undefined assertParamExists('patchOAuth2Client', 'jsonPatch', jsonPatch) const localVarPath = `/admin/clients/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PATCH', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(jsonPatch, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This is the device user verification endpoint. The user is redirected here when trying to login using the device flow. * @summary OAuth 2.0 Device Verification Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ performOAuth2DeviceVerificationFlow: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/oauth2/device/verify`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider must include a reason why the consent was not granted. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Reject OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {RejectOAuth2Request} [rejectOAuth2Request] * @param {*} [options] Override http request option. * @throws {RequiredError} */ rejectOAuth2ConsentRequest: async (consentChallenge: string, rejectOAuth2Request?: RejectOAuth2Request, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'consentChallenge' is not null or undefined assertParamExists('rejectOAuth2ConsentRequest', 'consentChallenge', consentChallenge) const localVarPath = `/admin/oauth2/auth/requests/consent/reject`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (consentChallenge !== undefined) { localVarQueryParameter['consent_challenge'] = consentChallenge; } localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(rejectOAuth2Request, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Reject OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {RejectOAuth2Request} [rejectOAuth2Request] * @param {*} [options] Override http request option. * @throws {RequiredError} */ rejectOAuth2LoginRequest: async (loginChallenge: string, rejectOAuth2Request?: RejectOAuth2Request, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'loginChallenge' is not null or undefined assertParamExists('rejectOAuth2LoginRequest', 'loginChallenge', loginChallenge) const localVarPath = `/admin/oauth2/auth/requests/login/reject`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (loginChallenge !== undefined) { localVarQueryParameter['login_challenge'] = loginChallenge; } localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(rejectOAuth2Request, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to deny that logout request. No HTTP request body is required. The response is empty as the logout provider has to chose what action to perform next. * @summary Reject OAuth 2.0 Session Logout Request * @param {string} logoutChallenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ rejectOAuth2LogoutRequest: async (logoutChallenge: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'logoutChallenge' is not null or undefined assertParamExists('rejectOAuth2LogoutRequest', 'logoutChallenge', logoutChallenge) const localVarPath = `/admin/oauth2/auth/requests/logout/reject`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (logoutChallenge !== undefined) { localVarQueryParameter['logout_challenge'] = logoutChallenge; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint revokes a subject\'s granted consent sessions and invalidates all associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 Client ID. * @summary Revoke OAuth 2.0 Consent Sessions of a Subject * @param {string} subject OAuth 2.0 Consent Subject The subject whose consent sessions should be deleted. * @param {string} [client] OAuth 2.0 Client ID If set, deletes only those consent sessions that have been granted to the specified OAuth 2.0 Client ID. * @param {boolean} [all] Revoke All Consent Sessions If set to `true` deletes all consent sessions by the Subject that have been granted. * @param {*} [options] Override http request option. * @throws {RequiredError} */ revokeOAuth2ConsentSessions: async (subject: string, client?: string, all?: boolean, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'subject' is not null or undefined assertParamExists('revokeOAuth2ConsentSessions', 'subject', subject) const localVarPath = `/admin/oauth2/auth/sessions/consent`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (subject !== undefined) { localVarQueryParameter['subject'] = subject; } if (client !== undefined) { localVarQueryParameter['client'] = client; } if (all !== undefined) { localVarQueryParameter['all'] = all; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens. If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpenID Connect Front- or Back-channel logout is performed in this case. Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case. When using Ory for the identity provider, the login provider will also invalidate the session cookie. * @summary Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID * @param {string} [subject] OAuth 2.0 Subject The subject to revoke authentication sessions for. * @param {string} [sid] Login Session ID The login session to revoke. * @param {*} [options] Override http request option. * @throws {RequiredError} */ revokeOAuth2LoginSessions: async (subject?: string, sid?: string, options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/admin/oauth2/auth/sessions/login`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; if (subject !== undefined) { localVarQueryParameter['subject'] = subject; } if (sid !== undefined) { localVarQueryParameter['sid'] = sid; } setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by the client the token was generated for. * @summary Revoke OAuth 2.0 Access or Refresh Token * @param {string} token * @param {string} [clientId] * @param {string} [clientSecret] * @param {*} [options] Override http request option. * @throws {RequiredError} */ revokeOAuth2Token: async (token: string, clientId?: string, clientSecret?: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'token' is not null or undefined assertParamExists('revokeOAuth2Token', 'token', token) const localVarPath = `/oauth2/revoke`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; const localVarFormParams = new URLSearchParams(); // authentication basic required // http basic authentication required setBasicAuthToObject(localVarRequestOptions, configuration) // authentication oauth2 required // oauth required await setOAuthToObject(localVarHeaderParameter, "oauth2", [], configuration) if (clientId !== undefined) { localVarFormParams.set('client_id', clientId as any); } if (clientSecret !== undefined) { localVarFormParams.set('client_secret', clientSecret as any); } if (token !== undefined) { localVarFormParams.set('token', token as any); } localVarHeaderParameter['Content-Type'] = 'application/x-www-form-urlencoded'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = localVarFormParams.toString(); return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth 2.0 Client * @param {string} id OAuth 2.0 Client ID * @param {OAuth2Client} oAuth2Client OAuth 2.0 Client Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ setOAuth2Client: async (id: string, oAuth2Client: OAuth2Client, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('setOAuth2Client', 'id', id) // verify required parameter 'oAuth2Client' is not null or undefined assertParamExists('setOAuth2Client', 'oAuth2Client', oAuth2Client) const localVarPath = `/admin/clients/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(oAuth2Client, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other fields. * @summary Set OAuth2 Client Token Lifespans * @param {string} id OAuth 2.0 Client ID * @param {OAuth2ClientTokenLifespans} [oAuth2ClientTokenLifespans] * @param {*} [options] Override http request option. * @throws {RequiredError} */ setOAuth2ClientLifespans: async (id: string, oAuth2ClientTokenLifespans?: OAuth2ClientTokenLifespans, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('setOAuth2ClientLifespans', 'id', id) const localVarPath = `/admin/clients/{id}/lifespans` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(oAuth2ClientTokenLifespans, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * Use this endpoint to establish a trust relationship for a JWT issuer to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). * @summary Trust OAuth2 JWT Bearer Grant Type Issuer * @param {TrustOAuth2JwtGrantIssuer} [trustOAuth2JwtGrantIssuer] * @param {*} [options] Override http request option. * @throws {RequiredError} */ trustOAuth2JwtGrantIssuer: async (trustOAuth2JwtGrantIssuer?: TrustOAuth2JwtGrantIssuer, options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/admin/trust/grants/jwt-bearer/issuers`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(trustOAuth2JwtGrantIssuer, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, } }; /** * OAuth2Api - functional programming interface * @export */ export const OAuth2ApiFp = function(configuration?: Configuration) { const localVarAxiosParamCreator = OAuth2ApiAxiosParamCreator(configuration) return { /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Accept OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {AcceptOAuth2ConsentRequest} [acceptOAuth2ConsentRequest] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async acceptOAuth2ConsentRequest(consentChallenge: string, acceptOAuth2ConsentRequest?: AcceptOAuth2ConsentRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.acceptOAuth2ConsentRequest(consentChallenge, acceptOAuth2ConsentRequest, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.acceptOAuth2ConsentRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has successfully authenticated and includes additional information such as the subject\'s ID and if Ory should remember the subject\'s subject agent for future authentication attempts by setting a cookie. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {AcceptOAuth2LoginRequest} [acceptOAuth2LoginRequest] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async acceptOAuth2LoginRequest(loginChallenge: string, acceptOAuth2LoginRequest?: AcceptOAuth2LoginRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.acceptOAuth2LoginRequest(loginChallenge, acceptOAuth2LoginRequest, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.acceptOAuth2LoginRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to confirm that logout request. The response contains a redirect URL which the consent provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Session Logout Request * @param {string} logoutChallenge OAuth 2.0 Logout Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ async acceptOAuth2LogoutRequest(logoutChallenge: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.acceptOAuth2LogoutRequest(logoutChallenge, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.acceptOAuth2LogoutRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Accepts a device grant user_code request * @summary Accepts a device grant user_code request * @param {string} deviceChallenge * @param {AcceptDeviceUserCodeRequest} [acceptDeviceUserCodeRequest] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async acceptUserCodeRequest(deviceChallenge: string, acceptDeviceUserCodeRequest?: AcceptDeviceUserCodeRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.acceptUserCodeRequest(deviceChallenge, acceptDeviceUserCodeRequest, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.acceptUserCodeRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on. * @summary Create OAuth 2.0 Client * @param {OAuth2Client} oAuth2Client OAuth 2.0 Client Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ async createOAuth2Client(oAuth2Client: OAuth2Client, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.createOAuth2Client(oAuth2Client, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.createOAuth2Client']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Delete an existing OAuth 2.0 Client by its ID. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. Make sure that this endpoint is well protected and only callable by first-party components. * @summary Delete OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async deleteOAuth2Client(id: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.deleteOAuth2Client(id, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.deleteOAuth2Client']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. * @summary Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client * @param {string} clientId OAuth 2.0 Client ID * @param {*} [options] Override http request option. * @throws {RequiredError} */ async deleteOAuth2Token(clientId: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.deleteOAuth2Token(clientId, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.deleteOAuth2Token']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grant. * @summary Delete Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {string} id The id of the desired grant * @param {*} [options] Override http request option. * @throws {RequiredError} */ async deleteTrustedOAuth2JwtGrantIssuer(id: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.deleteTrustedOAuth2JwtGrantIssuer(id, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.deleteTrustedOAuth2JwtGrantIssuer']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Get an OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getOAuth2Client(id: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getOAuth2Client(id, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.getOAuth2Client']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Get OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getOAuth2ConsentRequest(consentChallenge: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getOAuth2ConsentRequest(consentChallenge, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.getOAuth2ConsentRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. Per default, the login provider is Ory itself. You may use a different login provider which needs to be a web-app you write and host, and it must be able to authenticate (\"show the subject a login screen\") a subject (in OAuth2 the proper name for subject is \"resource owner\"). The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. * @summary Get OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getOAuth2LoginRequest(loginChallenge: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getOAuth2LoginRequest(loginChallenge, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.getOAuth2LoginRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this endpoint to fetch an Ory OAuth 2.0 logout request. * @summary Get OAuth 2.0 Session Logout Request * @param {string} logoutChallenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getOAuth2LogoutRequest(logoutChallenge: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getOAuth2LogoutRequest(logoutChallenge, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.getOAuth2LogoutRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. * @summary Get Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {string} id The id of the desired grant * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getTrustedOAuth2JwtGrantIssuer(id: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getTrustedOAuth2JwtGrantIssuer(id, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.getTrustedOAuth2JwtGrantIssuer']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `session.access_token` during the consent flow. * @summary Introspect OAuth2 Access and Refresh Tokens * @param {string} token The string value of the token. For access tokens, this is the \\\"access_token\\\" value returned from the token endpoint defined in OAuth 2.0. For refresh tokens, this is the \\\"refresh_token\\\" value returned. * @param {string} [scope] An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async introspectOAuth2Token(token: string, scope?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.introspectOAuth2Token(token, scope, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.introspectOAuth2Token']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients. * @summary List OAuth 2.0 Clients * @param {number} [pageSize] Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [pageToken] Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [clientName] The name of the clients to filter by. * @param {string} [owner] The owner of the clients to filter by. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async listOAuth2Clients(pageSize?: number, pageToken?: string, clientName?: string, owner?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise>> { const localVarAxiosArgs = await localVarAxiosParamCreator.listOAuth2Clients(pageSize, pageToken, clientName, owner, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.listOAuth2Clients']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint lists all subject\'s granted consent sessions, including client and granted scope. If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an empty JSON array with status code 200 OK. * @summary List OAuth 2.0 Consent Sessions of a Subject * @param {string} subject The subject to list the consent sessions for. * @param {number} [pageSize] Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [pageToken] Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [loginSessionId] The login session id to list the consent sessions for. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async listOAuth2ConsentSessions(subject: string, pageSize?: number, pageToken?: string, loginSessionId?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise>> { const localVarAxiosArgs = await localVarAxiosParamCreator.listOAuth2ConsentSessions(subject, pageSize, pageToken, loginSessionId, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.listOAuth2ConsentSessions']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. * @summary List Trusted OAuth2 JWT Bearer Grant Type Issuers * @param {number} [maxItems] * @param {number} [defaultItems] * @param {string} [issuer] If optional \"issuer\" is supplied, only jwt-bearer grants with this issuer will be returned. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async listTrustedOAuth2JwtGrantIssuers(maxItems?: number, defaultItems?: number, issuer?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise>> { const localVarAxiosArgs = await localVarAxiosParamCreator.listTrustedOAuth2JwtGrantIssuers(maxItems, defaultItems, issuer, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.listTrustedOAuth2JwtGrantIssuers']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries at https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary OAuth 2.0 Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ async oAuth2Authorize(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.oAuth2Authorize(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.oAuth2Authorize']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc8628 * @summary The OAuth 2.0 Device Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ async oAuth2DeviceFlow(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.oAuth2DeviceFlow(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.oAuth2DeviceFlow']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries here https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary The OAuth 2.0 Token Endpoint * @param {string} grantType * @param {string} [clientId] * @param {string} [code] * @param {string} [redirectUri] * @param {string} [refreshToken] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async oauth2TokenExchange(grantType: string, clientId?: string, code?: string, redirectUri?: string, refreshToken?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.oauth2TokenExchange(grantType, clientId, code, redirectUri, refreshToken, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.oauth2TokenExchange']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Patch OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {Array} jsonPatch OAuth 2.0 Client JSON Patch Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ async patchOAuth2Client(id: string, jsonPatch: Array, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.patchOAuth2Client(id, jsonPatch, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.patchOAuth2Client']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This is the device user verification endpoint. The user is redirected here when trying to login using the device flow. * @summary OAuth 2.0 Device Verification Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ async performOAuth2DeviceVerificationFlow(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.performOAuth2DeviceVerificationFlow(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.performOAuth2DeviceVerificationFlow']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider must include a reason why the consent was not granted. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Reject OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {RejectOAuth2Request} [rejectOAuth2Request] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async rejectOAuth2ConsentRequest(consentChallenge: string, rejectOAuth2Request?: RejectOAuth2Request, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.rejectOAuth2ConsentRequest(consentChallenge, rejectOAuth2Request, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.rejectOAuth2ConsentRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Reject OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {RejectOAuth2Request} [rejectOAuth2Request] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async rejectOAuth2LoginRequest(loginChallenge: string, rejectOAuth2Request?: RejectOAuth2Request, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.rejectOAuth2LoginRequest(loginChallenge, rejectOAuth2Request, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.rejectOAuth2LoginRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to deny that logout request. No HTTP request body is required. The response is empty as the logout provider has to chose what action to perform next. * @summary Reject OAuth 2.0 Session Logout Request * @param {string} logoutChallenge * @param {*} [options] Override http request option. * @throws {RequiredError} */ async rejectOAuth2LogoutRequest(logoutChallenge: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.rejectOAuth2LogoutRequest(logoutChallenge, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.rejectOAuth2LogoutRequest']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint revokes a subject\'s granted consent sessions and invalidates all associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 Client ID. * @summary Revoke OAuth 2.0 Consent Sessions of a Subject * @param {string} subject OAuth 2.0 Consent Subject The subject whose consent sessions should be deleted. * @param {string} [client] OAuth 2.0 Client ID If set, deletes only those consent sessions that have been granted to the specified OAuth 2.0 Client ID. * @param {boolean} [all] Revoke All Consent Sessions If set to `true` deletes all consent sessions by the Subject that have been granted. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async revokeOAuth2ConsentSessions(subject: string, client?: string, all?: boolean, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.revokeOAuth2ConsentSessions(subject, client, all, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.revokeOAuth2ConsentSessions']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens. If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpenID Connect Front- or Back-channel logout is performed in this case. Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case. When using Ory for the identity provider, the login provider will also invalidate the session cookie. * @summary Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID * @param {string} [subject] OAuth 2.0 Subject The subject to revoke authentication sessions for. * @param {string} [sid] Login Session ID The login session to revoke. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async revokeOAuth2LoginSessions(subject?: string, sid?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.revokeOAuth2LoginSessions(subject, sid, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.revokeOAuth2LoginSessions']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by the client the token was generated for. * @summary Revoke OAuth 2.0 Access or Refresh Token * @param {string} token * @param {string} [clientId] * @param {string} [clientSecret] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async revokeOAuth2Token(token: string, clientId?: string, clientSecret?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.revokeOAuth2Token(token, clientId, clientSecret, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.revokeOAuth2Token']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth 2.0 Client * @param {string} id OAuth 2.0 Client ID * @param {OAuth2Client} oAuth2Client OAuth 2.0 Client Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ async setOAuth2Client(id: string, oAuth2Client: OAuth2Client, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.setOAuth2Client(id, oAuth2Client, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.setOAuth2Client']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other fields. * @summary Set OAuth2 Client Token Lifespans * @param {string} id OAuth 2.0 Client ID * @param {OAuth2ClientTokenLifespans} [oAuth2ClientTokenLifespans] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async setOAuth2ClientLifespans(id: string, oAuth2ClientTokenLifespans?: OAuth2ClientTokenLifespans, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.setOAuth2ClientLifespans(id, oAuth2ClientTokenLifespans, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.setOAuth2ClientLifespans']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * Use this endpoint to establish a trust relationship for a JWT issuer to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). * @summary Trust OAuth2 JWT Bearer Grant Type Issuer * @param {TrustOAuth2JwtGrantIssuer} [trustOAuth2JwtGrantIssuer] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async trustOAuth2JwtGrantIssuer(trustOAuth2JwtGrantIssuer?: TrustOAuth2JwtGrantIssuer, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.trustOAuth2JwtGrantIssuer(trustOAuth2JwtGrantIssuer, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OAuth2Api.trustOAuth2JwtGrantIssuer']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, } }; /** * OAuth2Api - factory interface * @export */ export const OAuth2ApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) { const localVarFp = OAuth2ApiFp(configuration) return { /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Accept OAuth 2.0 Consent Request * @param {OAuth2ApiAcceptOAuth2ConsentRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ acceptOAuth2ConsentRequest(requestParameters: OAuth2ApiAcceptOAuth2ConsentRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.acceptOAuth2ConsentRequest(requestParameters.consentChallenge, requestParameters.acceptOAuth2ConsentRequest, options).then((request) => request(axios, basePath)); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has successfully authenticated and includes additional information such as the subject\'s ID and if Ory should remember the subject\'s subject agent for future authentication attempts by setting a cookie. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Login Request * @param {OAuth2ApiAcceptOAuth2LoginRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ acceptOAuth2LoginRequest(requestParameters: OAuth2ApiAcceptOAuth2LoginRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.acceptOAuth2LoginRequest(requestParameters.loginChallenge, requestParameters.acceptOAuth2LoginRequest, options).then((request) => request(axios, basePath)); }, /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to confirm that logout request. The response contains a redirect URL which the consent provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Session Logout Request * @param {OAuth2ApiAcceptOAuth2LogoutRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ acceptOAuth2LogoutRequest(requestParameters: OAuth2ApiAcceptOAuth2LogoutRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.acceptOAuth2LogoutRequest(requestParameters.logoutChallenge, options).then((request) => request(axios, basePath)); }, /** * Accepts a device grant user_code request * @summary Accepts a device grant user_code request * @param {OAuth2ApiAcceptUserCodeRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ acceptUserCodeRequest(requestParameters: OAuth2ApiAcceptUserCodeRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.acceptUserCodeRequest(requestParameters.deviceChallenge, requestParameters.acceptDeviceUserCodeRequest, options).then((request) => request(axios, basePath)); }, /** * Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on. * @summary Create OAuth 2.0 Client * @param {OAuth2ApiCreateOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ createOAuth2Client(requestParameters: OAuth2ApiCreateOAuth2ClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.createOAuth2Client(requestParameters.oAuth2Client, options).then((request) => request(axios, basePath)); }, /** * Delete an existing OAuth 2.0 Client by its ID. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. Make sure that this endpoint is well protected and only callable by first-party components. * @summary Delete OAuth 2.0 Client * @param {OAuth2ApiDeleteOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteOAuth2Client(requestParameters: OAuth2ApiDeleteOAuth2ClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.deleteOAuth2Client(requestParameters.id, options).then((request) => request(axios, basePath)); }, /** * This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. * @summary Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client * @param {OAuth2ApiDeleteOAuth2TokenRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteOAuth2Token(requestParameters: OAuth2ApiDeleteOAuth2TokenRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.deleteOAuth2Token(requestParameters.clientId, options).then((request) => request(axios, basePath)); }, /** * Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grant. * @summary Delete Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {OAuth2ApiDeleteTrustedOAuth2JwtGrantIssuerRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteTrustedOAuth2JwtGrantIssuer(requestParameters: OAuth2ApiDeleteTrustedOAuth2JwtGrantIssuerRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.deleteTrustedOAuth2JwtGrantIssuer(requestParameters.id, options).then((request) => request(axios, basePath)); }, /** * Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Get an OAuth 2.0 Client * @param {OAuth2ApiGetOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOAuth2Client(requestParameters: OAuth2ApiGetOAuth2ClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getOAuth2Client(requestParameters.id, options).then((request) => request(axios, basePath)); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Get OAuth 2.0 Consent Request * @param {OAuth2ApiGetOAuth2ConsentRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOAuth2ConsentRequest(requestParameters: OAuth2ApiGetOAuth2ConsentRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getOAuth2ConsentRequest(requestParameters.consentChallenge, options).then((request) => request(axios, basePath)); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. Per default, the login provider is Ory itself. You may use a different login provider which needs to be a web-app you write and host, and it must be able to authenticate (\"show the subject a login screen\") a subject (in OAuth2 the proper name for subject is \"resource owner\"). The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. * @summary Get OAuth 2.0 Login Request * @param {OAuth2ApiGetOAuth2LoginRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOAuth2LoginRequest(requestParameters: OAuth2ApiGetOAuth2LoginRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getOAuth2LoginRequest(requestParameters.loginChallenge, options).then((request) => request(axios, basePath)); }, /** * Use this endpoint to fetch an Ory OAuth 2.0 logout request. * @summary Get OAuth 2.0 Session Logout Request * @param {OAuth2ApiGetOAuth2LogoutRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOAuth2LogoutRequest(requestParameters: OAuth2ApiGetOAuth2LogoutRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getOAuth2LogoutRequest(requestParameters.logoutChallenge, options).then((request) => request(axios, basePath)); }, /** * Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. * @summary Get Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {OAuth2ApiGetTrustedOAuth2JwtGrantIssuerRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getTrustedOAuth2JwtGrantIssuer(requestParameters: OAuth2ApiGetTrustedOAuth2JwtGrantIssuerRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getTrustedOAuth2JwtGrantIssuer(requestParameters.id, options).then((request) => request(axios, basePath)); }, /** * The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `session.access_token` during the consent flow. * @summary Introspect OAuth2 Access and Refresh Tokens * @param {OAuth2ApiIntrospectOAuth2TokenRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ introspectOAuth2Token(requestParameters: OAuth2ApiIntrospectOAuth2TokenRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.introspectOAuth2Token(requestParameters.token, requestParameters.scope, options).then((request) => request(axios, basePath)); }, /** * This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients. * @summary List OAuth 2.0 Clients * @param {OAuth2ApiListOAuth2ClientsRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ listOAuth2Clients(requestParameters: OAuth2ApiListOAuth2ClientsRequest = {}, options?: RawAxiosRequestConfig): AxiosPromise> { return localVarFp.listOAuth2Clients(requestParameters.pageSize, requestParameters.pageToken, requestParameters.clientName, requestParameters.owner, options).then((request) => request(axios, basePath)); }, /** * This endpoint lists all subject\'s granted consent sessions, including client and granted scope. If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an empty JSON array with status code 200 OK. * @summary List OAuth 2.0 Consent Sessions of a Subject * @param {OAuth2ApiListOAuth2ConsentSessionsRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ listOAuth2ConsentSessions(requestParameters: OAuth2ApiListOAuth2ConsentSessionsRequest, options?: RawAxiosRequestConfig): AxiosPromise> { return localVarFp.listOAuth2ConsentSessions(requestParameters.subject, requestParameters.pageSize, requestParameters.pageToken, requestParameters.loginSessionId, options).then((request) => request(axios, basePath)); }, /** * Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. * @summary List Trusted OAuth2 JWT Bearer Grant Type Issuers * @param {OAuth2ApiListTrustedOAuth2JwtGrantIssuersRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ listTrustedOAuth2JwtGrantIssuers(requestParameters: OAuth2ApiListTrustedOAuth2JwtGrantIssuersRequest = {}, options?: RawAxiosRequestConfig): AxiosPromise> { return localVarFp.listTrustedOAuth2JwtGrantIssuers(requestParameters.maxItems, requestParameters.defaultItems, requestParameters.issuer, options).then((request) => request(axios, basePath)); }, /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries at https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary OAuth 2.0 Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ oAuth2Authorize(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.oAuth2Authorize(options).then((request) => request(axios, basePath)); }, /** * This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc8628 * @summary The OAuth 2.0 Device Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ oAuth2DeviceFlow(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.oAuth2DeviceFlow(options).then((request) => request(axios, basePath)); }, /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries here https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary The OAuth 2.0 Token Endpoint * @param {OAuth2ApiOauth2TokenExchangeRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ oauth2TokenExchange(requestParameters: OAuth2ApiOauth2TokenExchangeRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.oauth2TokenExchange(requestParameters.grantType, requestParameters.clientId, requestParameters.code, requestParameters.redirectUri, requestParameters.refreshToken, options).then((request) => request(axios, basePath)); }, /** * Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Patch OAuth 2.0 Client * @param {OAuth2ApiPatchOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ patchOAuth2Client(requestParameters: OAuth2ApiPatchOAuth2ClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.patchOAuth2Client(requestParameters.id, requestParameters.jsonPatch, options).then((request) => request(axios, basePath)); }, /** * This is the device user verification endpoint. The user is redirected here when trying to login using the device flow. * @summary OAuth 2.0 Device Verification Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} */ performOAuth2DeviceVerificationFlow(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.performOAuth2DeviceVerificationFlow(options).then((request) => request(axios, basePath)); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider must include a reason why the consent was not granted. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Reject OAuth 2.0 Consent Request * @param {OAuth2ApiRejectOAuth2ConsentRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ rejectOAuth2ConsentRequest(requestParameters: OAuth2ApiRejectOAuth2ConsentRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.rejectOAuth2ConsentRequest(requestParameters.consentChallenge, requestParameters.rejectOAuth2Request, options).then((request) => request(axios, basePath)); }, /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Reject OAuth 2.0 Login Request * @param {OAuth2ApiRejectOAuth2LoginRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ rejectOAuth2LoginRequest(requestParameters: OAuth2ApiRejectOAuth2LoginRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.rejectOAuth2LoginRequest(requestParameters.loginChallenge, requestParameters.rejectOAuth2Request, options).then((request) => request(axios, basePath)); }, /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to deny that logout request. No HTTP request body is required. The response is empty as the logout provider has to chose what action to perform next. * @summary Reject OAuth 2.0 Session Logout Request * @param {OAuth2ApiRejectOAuth2LogoutRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ rejectOAuth2LogoutRequest(requestParameters: OAuth2ApiRejectOAuth2LogoutRequestRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.rejectOAuth2LogoutRequest(requestParameters.logoutChallenge, options).then((request) => request(axios, basePath)); }, /** * This endpoint revokes a subject\'s granted consent sessions and invalidates all associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 Client ID. * @summary Revoke OAuth 2.0 Consent Sessions of a Subject * @param {OAuth2ApiRevokeOAuth2ConsentSessionsRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ revokeOAuth2ConsentSessions(requestParameters: OAuth2ApiRevokeOAuth2ConsentSessionsRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.revokeOAuth2ConsentSessions(requestParameters.subject, requestParameters.client, requestParameters.all, options).then((request) => request(axios, basePath)); }, /** * This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens. If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpenID Connect Front- or Back-channel logout is performed in this case. Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case. When using Ory for the identity provider, the login provider will also invalidate the session cookie. * @summary Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID * @param {OAuth2ApiRevokeOAuth2LoginSessionsRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ revokeOAuth2LoginSessions(requestParameters: OAuth2ApiRevokeOAuth2LoginSessionsRequest = {}, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.revokeOAuth2LoginSessions(requestParameters.subject, requestParameters.sid, options).then((request) => request(axios, basePath)); }, /** * Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by the client the token was generated for. * @summary Revoke OAuth 2.0 Access or Refresh Token * @param {OAuth2ApiRevokeOAuth2TokenRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ revokeOAuth2Token(requestParameters: OAuth2ApiRevokeOAuth2TokenRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.revokeOAuth2Token(requestParameters.token, requestParameters.clientId, requestParameters.clientSecret, options).then((request) => request(axios, basePath)); }, /** * Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth 2.0 Client * @param {OAuth2ApiSetOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ setOAuth2Client(requestParameters: OAuth2ApiSetOAuth2ClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.setOAuth2Client(requestParameters.id, requestParameters.oAuth2Client, options).then((request) => request(axios, basePath)); }, /** * Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other fields. * @summary Set OAuth2 Client Token Lifespans * @param {OAuth2ApiSetOAuth2ClientLifespansRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ setOAuth2ClientLifespans(requestParameters: OAuth2ApiSetOAuth2ClientLifespansRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.setOAuth2ClientLifespans(requestParameters.id, requestParameters.oAuth2ClientTokenLifespans, options).then((request) => request(axios, basePath)); }, /** * Use this endpoint to establish a trust relationship for a JWT issuer to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). * @summary Trust OAuth2 JWT Bearer Grant Type Issuer * @param {OAuth2ApiTrustOAuth2JwtGrantIssuerRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ trustOAuth2JwtGrantIssuer(requestParameters: OAuth2ApiTrustOAuth2JwtGrantIssuerRequest = {}, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.trustOAuth2JwtGrantIssuer(requestParameters.trustOAuth2JwtGrantIssuer, options).then((request) => request(axios, basePath)); }, }; }; /** * Request parameters for acceptOAuth2ConsentRequest operation in OAuth2Api. * @export * @interface OAuth2ApiAcceptOAuth2ConsentRequestRequest */ export interface OAuth2ApiAcceptOAuth2ConsentRequestRequest { /** * OAuth 2.0 Consent Request Challenge * @type {string} * @memberof OAuth2ApiAcceptOAuth2ConsentRequest */ readonly consentChallenge: string /** * * @type {AcceptOAuth2ConsentRequest} * @memberof OAuth2ApiAcceptOAuth2ConsentRequest */ readonly acceptOAuth2ConsentRequest?: AcceptOAuth2ConsentRequest } /** * Request parameters for acceptOAuth2LoginRequest operation in OAuth2Api. * @export * @interface OAuth2ApiAcceptOAuth2LoginRequestRequest */ export interface OAuth2ApiAcceptOAuth2LoginRequestRequest { /** * OAuth 2.0 Login Request Challenge * @type {string} * @memberof OAuth2ApiAcceptOAuth2LoginRequest */ readonly loginChallenge: string /** * * @type {AcceptOAuth2LoginRequest} * @memberof OAuth2ApiAcceptOAuth2LoginRequest */ readonly acceptOAuth2LoginRequest?: AcceptOAuth2LoginRequest } /** * Request parameters for acceptOAuth2LogoutRequest operation in OAuth2Api. * @export * @interface OAuth2ApiAcceptOAuth2LogoutRequestRequest */ export interface OAuth2ApiAcceptOAuth2LogoutRequestRequest { /** * OAuth 2.0 Logout Request Challenge * @type {string} * @memberof OAuth2ApiAcceptOAuth2LogoutRequest */ readonly logoutChallenge: string } /** * Request parameters for acceptUserCodeRequest operation in OAuth2Api. * @export * @interface OAuth2ApiAcceptUserCodeRequestRequest */ export interface OAuth2ApiAcceptUserCodeRequestRequest { /** * * @type {string} * @memberof OAuth2ApiAcceptUserCodeRequest */ readonly deviceChallenge: string /** * * @type {AcceptDeviceUserCodeRequest} * @memberof OAuth2ApiAcceptUserCodeRequest */ readonly acceptDeviceUserCodeRequest?: AcceptDeviceUserCodeRequest } /** * Request parameters for createOAuth2Client operation in OAuth2Api. * @export * @interface OAuth2ApiCreateOAuth2ClientRequest */ export interface OAuth2ApiCreateOAuth2ClientRequest { /** * OAuth 2.0 Client Request Body * @type {OAuth2Client} * @memberof OAuth2ApiCreateOAuth2Client */ readonly oAuth2Client: OAuth2Client } /** * Request parameters for deleteOAuth2Client operation in OAuth2Api. * @export * @interface OAuth2ApiDeleteOAuth2ClientRequest */ export interface OAuth2ApiDeleteOAuth2ClientRequest { /** * The id of the OAuth 2.0 Client. * @type {string} * @memberof OAuth2ApiDeleteOAuth2Client */ readonly id: string } /** * Request parameters for deleteOAuth2Token operation in OAuth2Api. * @export * @interface OAuth2ApiDeleteOAuth2TokenRequest */ export interface OAuth2ApiDeleteOAuth2TokenRequest { /** * OAuth 2.0 Client ID * @type {string} * @memberof OAuth2ApiDeleteOAuth2Token */ readonly clientId: string } /** * Request parameters for deleteTrustedOAuth2JwtGrantIssuer operation in OAuth2Api. * @export * @interface OAuth2ApiDeleteTrustedOAuth2JwtGrantIssuerRequest */ export interface OAuth2ApiDeleteTrustedOAuth2JwtGrantIssuerRequest { /** * The id of the desired grant * @type {string} * @memberof OAuth2ApiDeleteTrustedOAuth2JwtGrantIssuer */ readonly id: string } /** * Request parameters for getOAuth2Client operation in OAuth2Api. * @export * @interface OAuth2ApiGetOAuth2ClientRequest */ export interface OAuth2ApiGetOAuth2ClientRequest { /** * The id of the OAuth 2.0 Client. * @type {string} * @memberof OAuth2ApiGetOAuth2Client */ readonly id: string } /** * Request parameters for getOAuth2ConsentRequest operation in OAuth2Api. * @export * @interface OAuth2ApiGetOAuth2ConsentRequestRequest */ export interface OAuth2ApiGetOAuth2ConsentRequestRequest { /** * OAuth 2.0 Consent Request Challenge * @type {string} * @memberof OAuth2ApiGetOAuth2ConsentRequest */ readonly consentChallenge: string } /** * Request parameters for getOAuth2LoginRequest operation in OAuth2Api. * @export * @interface OAuth2ApiGetOAuth2LoginRequestRequest */ export interface OAuth2ApiGetOAuth2LoginRequestRequest { /** * OAuth 2.0 Login Request Challenge * @type {string} * @memberof OAuth2ApiGetOAuth2LoginRequest */ readonly loginChallenge: string } /** * Request parameters for getOAuth2LogoutRequest operation in OAuth2Api. * @export * @interface OAuth2ApiGetOAuth2LogoutRequestRequest */ export interface OAuth2ApiGetOAuth2LogoutRequestRequest { /** * * @type {string} * @memberof OAuth2ApiGetOAuth2LogoutRequest */ readonly logoutChallenge: string } /** * Request parameters for getTrustedOAuth2JwtGrantIssuer operation in OAuth2Api. * @export * @interface OAuth2ApiGetTrustedOAuth2JwtGrantIssuerRequest */ export interface OAuth2ApiGetTrustedOAuth2JwtGrantIssuerRequest { /** * The id of the desired grant * @type {string} * @memberof OAuth2ApiGetTrustedOAuth2JwtGrantIssuer */ readonly id: string } /** * Request parameters for introspectOAuth2Token operation in OAuth2Api. * @export * @interface OAuth2ApiIntrospectOAuth2TokenRequest */ export interface OAuth2ApiIntrospectOAuth2TokenRequest { /** * The string value of the token. For access tokens, this is the \\\"access_token\\\" value returned from the token endpoint defined in OAuth 2.0. For refresh tokens, this is the \\\"refresh_token\\\" value returned. * @type {string} * @memberof OAuth2ApiIntrospectOAuth2Token */ readonly token: string /** * An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. * @type {string} * @memberof OAuth2ApiIntrospectOAuth2Token */ readonly scope?: string } /** * Request parameters for listOAuth2Clients operation in OAuth2Api. * @export * @interface OAuth2ApiListOAuth2ClientsRequest */ export interface OAuth2ApiListOAuth2ClientsRequest { /** * Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {number} * @memberof OAuth2ApiListOAuth2Clients */ readonly pageSize?: number /** * Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {string} * @memberof OAuth2ApiListOAuth2Clients */ readonly pageToken?: string /** * The name of the clients to filter by. * @type {string} * @memberof OAuth2ApiListOAuth2Clients */ readonly clientName?: string /** * The owner of the clients to filter by. * @type {string} * @memberof OAuth2ApiListOAuth2Clients */ readonly owner?: string } /** * Request parameters for listOAuth2ConsentSessions operation in OAuth2Api. * @export * @interface OAuth2ApiListOAuth2ConsentSessionsRequest */ export interface OAuth2ApiListOAuth2ConsentSessionsRequest { /** * The subject to list the consent sessions for. * @type {string} * @memberof OAuth2ApiListOAuth2ConsentSessions */ readonly subject: string /** * Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {number} * @memberof OAuth2ApiListOAuth2ConsentSessions */ readonly pageSize?: number /** * Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @type {string} * @memberof OAuth2ApiListOAuth2ConsentSessions */ readonly pageToken?: string /** * The login session id to list the consent sessions for. * @type {string} * @memberof OAuth2ApiListOAuth2ConsentSessions */ readonly loginSessionId?: string } /** * Request parameters for listTrustedOAuth2JwtGrantIssuers operation in OAuth2Api. * @export * @interface OAuth2ApiListTrustedOAuth2JwtGrantIssuersRequest */ export interface OAuth2ApiListTrustedOAuth2JwtGrantIssuersRequest { /** * * @type {number} * @memberof OAuth2ApiListTrustedOAuth2JwtGrantIssuers */ readonly maxItems?: number /** * * @type {number} * @memberof OAuth2ApiListTrustedOAuth2JwtGrantIssuers */ readonly defaultItems?: number /** * If optional \"issuer\" is supplied, only jwt-bearer grants with this issuer will be returned. * @type {string} * @memberof OAuth2ApiListTrustedOAuth2JwtGrantIssuers */ readonly issuer?: string } /** * Request parameters for oauth2TokenExchange operation in OAuth2Api. * @export * @interface OAuth2ApiOauth2TokenExchangeRequest */ export interface OAuth2ApiOauth2TokenExchangeRequest { /** * * @type {string} * @memberof OAuth2ApiOauth2TokenExchange */ readonly grantType: string /** * * @type {string} * @memberof OAuth2ApiOauth2TokenExchange */ readonly clientId?: string /** * * @type {string} * @memberof OAuth2ApiOauth2TokenExchange */ readonly code?: string /** * * @type {string} * @memberof OAuth2ApiOauth2TokenExchange */ readonly redirectUri?: string /** * * @type {string} * @memberof OAuth2ApiOauth2TokenExchange */ readonly refreshToken?: string } /** * Request parameters for patchOAuth2Client operation in OAuth2Api. * @export * @interface OAuth2ApiPatchOAuth2ClientRequest */ export interface OAuth2ApiPatchOAuth2ClientRequest { /** * The id of the OAuth 2.0 Client. * @type {string} * @memberof OAuth2ApiPatchOAuth2Client */ readonly id: string /** * OAuth 2.0 Client JSON Patch Body * @type {Array} * @memberof OAuth2ApiPatchOAuth2Client */ readonly jsonPatch: Array } /** * Request parameters for rejectOAuth2ConsentRequest operation in OAuth2Api. * @export * @interface OAuth2ApiRejectOAuth2ConsentRequestRequest */ export interface OAuth2ApiRejectOAuth2ConsentRequestRequest { /** * OAuth 2.0 Consent Request Challenge * @type {string} * @memberof OAuth2ApiRejectOAuth2ConsentRequest */ readonly consentChallenge: string /** * * @type {RejectOAuth2Request} * @memberof OAuth2ApiRejectOAuth2ConsentRequest */ readonly rejectOAuth2Request?: RejectOAuth2Request } /** * Request parameters for rejectOAuth2LoginRequest operation in OAuth2Api. * @export * @interface OAuth2ApiRejectOAuth2LoginRequestRequest */ export interface OAuth2ApiRejectOAuth2LoginRequestRequest { /** * OAuth 2.0 Login Request Challenge * @type {string} * @memberof OAuth2ApiRejectOAuth2LoginRequest */ readonly loginChallenge: string /** * * @type {RejectOAuth2Request} * @memberof OAuth2ApiRejectOAuth2LoginRequest */ readonly rejectOAuth2Request?: RejectOAuth2Request } /** * Request parameters for rejectOAuth2LogoutRequest operation in OAuth2Api. * @export * @interface OAuth2ApiRejectOAuth2LogoutRequestRequest */ export interface OAuth2ApiRejectOAuth2LogoutRequestRequest { /** * * @type {string} * @memberof OAuth2ApiRejectOAuth2LogoutRequest */ readonly logoutChallenge: string } /** * Request parameters for revokeOAuth2ConsentSessions operation in OAuth2Api. * @export * @interface OAuth2ApiRevokeOAuth2ConsentSessionsRequest */ export interface OAuth2ApiRevokeOAuth2ConsentSessionsRequest { /** * OAuth 2.0 Consent Subject The subject whose consent sessions should be deleted. * @type {string} * @memberof OAuth2ApiRevokeOAuth2ConsentSessions */ readonly subject: string /** * OAuth 2.0 Client ID If set, deletes only those consent sessions that have been granted to the specified OAuth 2.0 Client ID. * @type {string} * @memberof OAuth2ApiRevokeOAuth2ConsentSessions */ readonly client?: string /** * Revoke All Consent Sessions If set to `true` deletes all consent sessions by the Subject that have been granted. * @type {boolean} * @memberof OAuth2ApiRevokeOAuth2ConsentSessions */ readonly all?: boolean } /** * Request parameters for revokeOAuth2LoginSessions operation in OAuth2Api. * @export * @interface OAuth2ApiRevokeOAuth2LoginSessionsRequest */ export interface OAuth2ApiRevokeOAuth2LoginSessionsRequest { /** * OAuth 2.0 Subject The subject to revoke authentication sessions for. * @type {string} * @memberof OAuth2ApiRevokeOAuth2LoginSessions */ readonly subject?: string /** * Login Session ID The login session to revoke. * @type {string} * @memberof OAuth2ApiRevokeOAuth2LoginSessions */ readonly sid?: string } /** * Request parameters for revokeOAuth2Token operation in OAuth2Api. * @export * @interface OAuth2ApiRevokeOAuth2TokenRequest */ export interface OAuth2ApiRevokeOAuth2TokenRequest { /** * * @type {string} * @memberof OAuth2ApiRevokeOAuth2Token */ readonly token: string /** * * @type {string} * @memberof OAuth2ApiRevokeOAuth2Token */ readonly clientId?: string /** * * @type {string} * @memberof OAuth2ApiRevokeOAuth2Token */ readonly clientSecret?: string } /** * Request parameters for setOAuth2Client operation in OAuth2Api. * @export * @interface OAuth2ApiSetOAuth2ClientRequest */ export interface OAuth2ApiSetOAuth2ClientRequest { /** * OAuth 2.0 Client ID * @type {string} * @memberof OAuth2ApiSetOAuth2Client */ readonly id: string /** * OAuth 2.0 Client Request Body * @type {OAuth2Client} * @memberof OAuth2ApiSetOAuth2Client */ readonly oAuth2Client: OAuth2Client } /** * Request parameters for setOAuth2ClientLifespans operation in OAuth2Api. * @export * @interface OAuth2ApiSetOAuth2ClientLifespansRequest */ export interface OAuth2ApiSetOAuth2ClientLifespansRequest { /** * OAuth 2.0 Client ID * @type {string} * @memberof OAuth2ApiSetOAuth2ClientLifespans */ readonly id: string /** * * @type {OAuth2ClientTokenLifespans} * @memberof OAuth2ApiSetOAuth2ClientLifespans */ readonly oAuth2ClientTokenLifespans?: OAuth2ClientTokenLifespans } /** * Request parameters for trustOAuth2JwtGrantIssuer operation in OAuth2Api. * @export * @interface OAuth2ApiTrustOAuth2JwtGrantIssuerRequest */ export interface OAuth2ApiTrustOAuth2JwtGrantIssuerRequest { /** * * @type {TrustOAuth2JwtGrantIssuer} * @memberof OAuth2ApiTrustOAuth2JwtGrantIssuer */ readonly trustOAuth2JwtGrantIssuer?: TrustOAuth2JwtGrantIssuer } /** * OAuth2Api - object-oriented interface * @export * @class OAuth2Api * @extends {BaseAPI} */ export class OAuth2Api extends BaseAPI { /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Accept OAuth 2.0 Consent Request * @param {OAuth2ApiAcceptOAuth2ConsentRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public acceptOAuth2ConsentRequest(requestParameters: OAuth2ApiAcceptOAuth2ConsentRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).acceptOAuth2ConsentRequest(requestParameters.consentChallenge, requestParameters.acceptOAuth2ConsentRequest, options).then((request) => request(this.axios, this.basePath)); } /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has successfully authenticated and includes additional information such as the subject\'s ID and if Ory should remember the subject\'s subject agent for future authentication attempts by setting a cookie. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Login Request * @param {OAuth2ApiAcceptOAuth2LoginRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public acceptOAuth2LoginRequest(requestParameters: OAuth2ApiAcceptOAuth2LoginRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).acceptOAuth2LoginRequest(requestParameters.loginChallenge, requestParameters.acceptOAuth2LoginRequest, options).then((request) => request(this.axios, this.basePath)); } /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to confirm that logout request. The response contains a redirect URL which the consent provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Session Logout Request * @param {OAuth2ApiAcceptOAuth2LogoutRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public acceptOAuth2LogoutRequest(requestParameters: OAuth2ApiAcceptOAuth2LogoutRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).acceptOAuth2LogoutRequest(requestParameters.logoutChallenge, options).then((request) => request(this.axios, this.basePath)); } /** * Accepts a device grant user_code request * @summary Accepts a device grant user_code request * @param {OAuth2ApiAcceptUserCodeRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public acceptUserCodeRequest(requestParameters: OAuth2ApiAcceptUserCodeRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).acceptUserCodeRequest(requestParameters.deviceChallenge, requestParameters.acceptDeviceUserCodeRequest, options).then((request) => request(this.axios, this.basePath)); } /** * Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on. * @summary Create OAuth 2.0 Client * @param {OAuth2ApiCreateOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public createOAuth2Client(requestParameters: OAuth2ApiCreateOAuth2ClientRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).createOAuth2Client(requestParameters.oAuth2Client, options).then((request) => request(this.axios, this.basePath)); } /** * Delete an existing OAuth 2.0 Client by its ID. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. Make sure that this endpoint is well protected and only callable by first-party components. * @summary Delete OAuth 2.0 Client * @param {OAuth2ApiDeleteOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public deleteOAuth2Client(requestParameters: OAuth2ApiDeleteOAuth2ClientRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).deleteOAuth2Client(requestParameters.id, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. * @summary Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client * @param {OAuth2ApiDeleteOAuth2TokenRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public deleteOAuth2Token(requestParameters: OAuth2ApiDeleteOAuth2TokenRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).deleteOAuth2Token(requestParameters.clientId, options).then((request) => request(this.axios, this.basePath)); } /** * Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grant. * @summary Delete Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {OAuth2ApiDeleteTrustedOAuth2JwtGrantIssuerRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public deleteTrustedOAuth2JwtGrantIssuer(requestParameters: OAuth2ApiDeleteTrustedOAuth2JwtGrantIssuerRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).deleteTrustedOAuth2JwtGrantIssuer(requestParameters.id, options).then((request) => request(this.axios, this.basePath)); } /** * Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Get an OAuth 2.0 Client * @param {OAuth2ApiGetOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public getOAuth2Client(requestParameters: OAuth2ApiGetOAuth2ClientRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).getOAuth2Client(requestParameters.id, options).then((request) => request(this.axios, this.basePath)); } /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Get OAuth 2.0 Consent Request * @param {OAuth2ApiGetOAuth2ConsentRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public getOAuth2ConsentRequest(requestParameters: OAuth2ApiGetOAuth2ConsentRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).getOAuth2ConsentRequest(requestParameters.consentChallenge, options).then((request) => request(this.axios, this.basePath)); } /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. Per default, the login provider is Ory itself. You may use a different login provider which needs to be a web-app you write and host, and it must be able to authenticate (\"show the subject a login screen\") a subject (in OAuth2 the proper name for subject is \"resource owner\"). The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. * @summary Get OAuth 2.0 Login Request * @param {OAuth2ApiGetOAuth2LoginRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public getOAuth2LoginRequest(requestParameters: OAuth2ApiGetOAuth2LoginRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).getOAuth2LoginRequest(requestParameters.loginChallenge, options).then((request) => request(this.axios, this.basePath)); } /** * Use this endpoint to fetch an Ory OAuth 2.0 logout request. * @summary Get OAuth 2.0 Session Logout Request * @param {OAuth2ApiGetOAuth2LogoutRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public getOAuth2LogoutRequest(requestParameters: OAuth2ApiGetOAuth2LogoutRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).getOAuth2LogoutRequest(requestParameters.logoutChallenge, options).then((request) => request(this.axios, this.basePath)); } /** * Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. * @summary Get Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {OAuth2ApiGetTrustedOAuth2JwtGrantIssuerRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public getTrustedOAuth2JwtGrantIssuer(requestParameters: OAuth2ApiGetTrustedOAuth2JwtGrantIssuerRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).getTrustedOAuth2JwtGrantIssuer(requestParameters.id, options).then((request) => request(this.axios, this.basePath)); } /** * The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `session.access_token` during the consent flow. * @summary Introspect OAuth2 Access and Refresh Tokens * @param {OAuth2ApiIntrospectOAuth2TokenRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public introspectOAuth2Token(requestParameters: OAuth2ApiIntrospectOAuth2TokenRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).introspectOAuth2Token(requestParameters.token, requestParameters.scope, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients. * @summary List OAuth 2.0 Clients * @param {OAuth2ApiListOAuth2ClientsRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public listOAuth2Clients(requestParameters: OAuth2ApiListOAuth2ClientsRequest = {}, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).listOAuth2Clients(requestParameters.pageSize, requestParameters.pageToken, requestParameters.clientName, requestParameters.owner, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint lists all subject\'s granted consent sessions, including client and granted scope. If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an empty JSON array with status code 200 OK. * @summary List OAuth 2.0 Consent Sessions of a Subject * @param {OAuth2ApiListOAuth2ConsentSessionsRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public listOAuth2ConsentSessions(requestParameters: OAuth2ApiListOAuth2ConsentSessionsRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).listOAuth2ConsentSessions(requestParameters.subject, requestParameters.pageSize, requestParameters.pageToken, requestParameters.loginSessionId, options).then((request) => request(this.axios, this.basePath)); } /** * Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. * @summary List Trusted OAuth2 JWT Bearer Grant Type Issuers * @param {OAuth2ApiListTrustedOAuth2JwtGrantIssuersRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public listTrustedOAuth2JwtGrantIssuers(requestParameters: OAuth2ApiListTrustedOAuth2JwtGrantIssuersRequest = {}, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).listTrustedOAuth2JwtGrantIssuers(requestParameters.maxItems, requestParameters.defaultItems, requestParameters.issuer, options).then((request) => request(this.axios, this.basePath)); } /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries at https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary OAuth 2.0 Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public oAuth2Authorize(options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).oAuth2Authorize(options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc8628 * @summary The OAuth 2.0 Device Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public oAuth2DeviceFlow(options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).oAuth2DeviceFlow(options).then((request) => request(this.axios, this.basePath)); } /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries here https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary The OAuth 2.0 Token Endpoint * @param {OAuth2ApiOauth2TokenExchangeRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public oauth2TokenExchange(requestParameters: OAuth2ApiOauth2TokenExchangeRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).oauth2TokenExchange(requestParameters.grantType, requestParameters.clientId, requestParameters.code, requestParameters.redirectUri, requestParameters.refreshToken, options).then((request) => request(this.axios, this.basePath)); } /** * Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Patch OAuth 2.0 Client * @param {OAuth2ApiPatchOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public patchOAuth2Client(requestParameters: OAuth2ApiPatchOAuth2ClientRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).patchOAuth2Client(requestParameters.id, requestParameters.jsonPatch, options).then((request) => request(this.axios, this.basePath)); } /** * This is the device user verification endpoint. The user is redirected here when trying to login using the device flow. * @summary OAuth 2.0 Device Verification Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public performOAuth2DeviceVerificationFlow(options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).performOAuth2DeviceVerificationFlow(options).then((request) => request(this.axios, this.basePath)); } /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider must include a reason why the consent was not granted. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Reject OAuth 2.0 Consent Request * @param {OAuth2ApiRejectOAuth2ConsentRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public rejectOAuth2ConsentRequest(requestParameters: OAuth2ApiRejectOAuth2ConsentRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).rejectOAuth2ConsentRequest(requestParameters.consentChallenge, requestParameters.rejectOAuth2Request, options).then((request) => request(this.axios, this.basePath)); } /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Reject OAuth 2.0 Login Request * @param {OAuth2ApiRejectOAuth2LoginRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public rejectOAuth2LoginRequest(requestParameters: OAuth2ApiRejectOAuth2LoginRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).rejectOAuth2LoginRequest(requestParameters.loginChallenge, requestParameters.rejectOAuth2Request, options).then((request) => request(this.axios, this.basePath)); } /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to deny that logout request. No HTTP request body is required. The response is empty as the logout provider has to chose what action to perform next. * @summary Reject OAuth 2.0 Session Logout Request * @param {OAuth2ApiRejectOAuth2LogoutRequestRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public rejectOAuth2LogoutRequest(requestParameters: OAuth2ApiRejectOAuth2LogoutRequestRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).rejectOAuth2LogoutRequest(requestParameters.logoutChallenge, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint revokes a subject\'s granted consent sessions and invalidates all associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 Client ID. * @summary Revoke OAuth 2.0 Consent Sessions of a Subject * @param {OAuth2ApiRevokeOAuth2ConsentSessionsRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public revokeOAuth2ConsentSessions(requestParameters: OAuth2ApiRevokeOAuth2ConsentSessionsRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).revokeOAuth2ConsentSessions(requestParameters.subject, requestParameters.client, requestParameters.all, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens. If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpenID Connect Front- or Back-channel logout is performed in this case. Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case. When using Ory for the identity provider, the login provider will also invalidate the session cookie. * @summary Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID * @param {OAuth2ApiRevokeOAuth2LoginSessionsRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public revokeOAuth2LoginSessions(requestParameters: OAuth2ApiRevokeOAuth2LoginSessionsRequest = {}, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).revokeOAuth2LoginSessions(requestParameters.subject, requestParameters.sid, options).then((request) => request(this.axios, this.basePath)); } /** * Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by the client the token was generated for. * @summary Revoke OAuth 2.0 Access or Refresh Token * @param {OAuth2ApiRevokeOAuth2TokenRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public revokeOAuth2Token(requestParameters: OAuth2ApiRevokeOAuth2TokenRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).revokeOAuth2Token(requestParameters.token, requestParameters.clientId, requestParameters.clientSecret, options).then((request) => request(this.axios, this.basePath)); } /** * Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth 2.0 Client * @param {OAuth2ApiSetOAuth2ClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public setOAuth2Client(requestParameters: OAuth2ApiSetOAuth2ClientRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).setOAuth2Client(requestParameters.id, requestParameters.oAuth2Client, options).then((request) => request(this.axios, this.basePath)); } /** * Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other fields. * @summary Set OAuth2 Client Token Lifespans * @param {OAuth2ApiSetOAuth2ClientLifespansRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public setOAuth2ClientLifespans(requestParameters: OAuth2ApiSetOAuth2ClientLifespansRequest, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).setOAuth2ClientLifespans(requestParameters.id, requestParameters.oAuth2ClientTokenLifespans, options).then((request) => request(this.axios, this.basePath)); } /** * Use this endpoint to establish a trust relationship for a JWT issuer to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). * @summary Trust OAuth2 JWT Bearer Grant Type Issuer * @param {OAuth2ApiTrustOAuth2JwtGrantIssuerRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2Api */ public trustOAuth2JwtGrantIssuer(requestParameters: OAuth2ApiTrustOAuth2JwtGrantIssuerRequest = {}, options?: RawAxiosRequestConfig) { return OAuth2ApiFp(this.configuration).trustOAuth2JwtGrantIssuer(requestParameters.trustOAuth2JwtGrantIssuer, options).then((request) => request(this.axios, this.basePath)); } } /** * OidcApi - axios parameter creator * @export */ export const OidcApiAxiosParamCreator = function (configuration?: Configuration) { return { /** * This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator. Please note that using this endpoint you are not able to choose the `client_secret` nor the `client_id` as those values will be server generated when specifying `token_endpoint_auth_method` as `client_secret_basic` or `client_secret_post`. The `client_secret` will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somewhere safe. * @summary Register OAuth2 Client using OpenID Dynamic Client Registration * @param {OAuth2Client} oAuth2Client Dynamic Client Registration Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ createOidcDynamicClient: async (oAuth2Client: OAuth2Client, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'oAuth2Client' is not null or undefined assertParamExists('createOidcDynamicClient', 'oAuth2Client', oAuth2Client) const localVarPath = `/oauth2/register`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(oAuth2Client, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint creates a verifiable credential that attests that the user authenticated with the provided access token owns a certain public/private key pair. More information can be found at https://openid.net/specs/openid-connect-userinfo-vc-1_0.html. * @summary Issues a Verifiable Credential * @param {CreateVerifiableCredentialRequestBody} [createVerifiableCredentialRequestBody] * @param {*} [options] Override http request option. * @throws {RequiredError} */ createVerifiableCredential: async (createVerifiableCredentialRequestBody?: CreateVerifiableCredentialRequestBody, options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/credentials`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(createVerifiableCredentialRequestBody, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteOidcDynamicClient: async (id: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('deleteOidcDynamicClient', 'id', id) const localVarPath = `/oauth2/register/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'DELETE', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; // authentication bearer required // http bearer authentication required await setBearerAuthToObject(localVarHeaderParameter, configuration) setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * A mechanism for an OpenID Connect Relying Party to discover the End-User\'s OpenID Provider and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), and others. For a full list of clients go here: https://openid.net/developers/certified/ * @summary OpenID Connect Discovery * @param {*} [options] Override http request option. * @throws {RequiredError} */ discoverOidcConfiguration: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/.well-known/openid-configuration`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. * @summary Get OAuth2 Client using OpenID Dynamic Client Registration * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOidcDynamicClient: async (id: string, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('getOidcDynamicClient', 'id', id) const localVarPath = `/oauth2/register/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; // authentication bearer required // http bearer authentication required await setBearerAuthToObject(localVarHeaderParameter, configuration) setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint returns the payload of the ID Token, including `session.id_token` values, of the provided OAuth 2.0 Access Token\'s consent request. In the case of authentication error, a WWW-Authenticate header might be set in the response with more information about the error. See [the spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) for more details about header format. * @summary OpenID Connect Userinfo * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOidcUserInfo: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/userinfo`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; // authentication oauth2 required // oauth required await setOAuthToObject(localVarHeaderParameter, "oauth2", [], configuration) setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint initiates and completes user logout at the Ory OAuth2 & OpenID provider and initiates OpenID Connect Front- / Back-channel logout: https://openid.net/specs/openid-connect-frontchannel-1_0.html https://openid.net/specs/openid-connect-backchannel-1_0.html Back-channel logout is performed asynchronously and does not affect logout flow. * @summary OpenID Connect Front- and Back-channel Enabled Logout * @param {*} [options] Override http request option. * @throws {RequiredError} */ revokeOidcSession: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/oauth2/sessions/logout`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, /** * This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of facing the public internet directly to be used by third parties. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature is disabled per default. It can be enabled by a system administrator. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth2 Client using OpenID Dynamic Client Registration * @param {string} id OAuth 2.0 Client ID * @param {OAuth2Client} oAuth2Client OAuth 2.0 Client Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ setOidcDynamicClient: async (id: string, oAuth2Client: OAuth2Client, options: RawAxiosRequestConfig = {}): Promise => { // verify required parameter 'id' is not null or undefined assertParamExists('setOidcDynamicClient', 'id', id) // verify required parameter 'oAuth2Client' is not null or undefined assertParamExists('setOidcDynamicClient', 'oAuth2Client', oAuth2Client) const localVarPath = `/oauth2/register/{id}` .replace(`{${"id"}}`, encodeURIComponent(String(id))); // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'PUT', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; // authentication bearer required // http bearer authentication required await setBearerAuthToObject(localVarHeaderParameter, configuration) localVarHeaderParameter['Content-Type'] = 'application/json'; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; localVarRequestOptions.data = serializeDataIfNeeded(oAuth2Client, localVarRequestOptions, configuration) return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, } }; /** * OidcApi - functional programming interface * @export */ export const OidcApiFp = function(configuration?: Configuration) { const localVarAxiosParamCreator = OidcApiAxiosParamCreator(configuration) return { /** * This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator. Please note that using this endpoint you are not able to choose the `client_secret` nor the `client_id` as those values will be server generated when specifying `token_endpoint_auth_method` as `client_secret_basic` or `client_secret_post`. The `client_secret` will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somewhere safe. * @summary Register OAuth2 Client using OpenID Dynamic Client Registration * @param {OAuth2Client} oAuth2Client Dynamic Client Registration Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ async createOidcDynamicClient(oAuth2Client: OAuth2Client, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.createOidcDynamicClient(oAuth2Client, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OidcApi.createOidcDynamicClient']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint creates a verifiable credential that attests that the user authenticated with the provided access token owns a certain public/private key pair. More information can be found at https://openid.net/specs/openid-connect-userinfo-vc-1_0.html. * @summary Issues a Verifiable Credential * @param {CreateVerifiableCredentialRequestBody} [createVerifiableCredentialRequestBody] * @param {*} [options] Override http request option. * @throws {RequiredError} */ async createVerifiableCredential(createVerifiableCredentialRequestBody?: CreateVerifiableCredentialRequestBody, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.createVerifiableCredential(createVerifiableCredentialRequestBody, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OidcApi.createVerifiableCredential']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async deleteOidcDynamicClient(id: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.deleteOidcDynamicClient(id, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OidcApi.deleteOidcDynamicClient']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * A mechanism for an OpenID Connect Relying Party to discover the End-User\'s OpenID Provider and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), and others. For a full list of clients go here: https://openid.net/developers/certified/ * @summary OpenID Connect Discovery * @param {*} [options] Override http request option. * @throws {RequiredError} */ async discoverOidcConfiguration(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.discoverOidcConfiguration(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OidcApi.discoverOidcConfiguration']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. * @summary Get OAuth2 Client using OpenID Dynamic Client Registration * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getOidcDynamicClient(id: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getOidcDynamicClient(id, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OidcApi.getOidcDynamicClient']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint returns the payload of the ID Token, including `session.id_token` values, of the provided OAuth 2.0 Access Token\'s consent request. In the case of authentication error, a WWW-Authenticate header might be set in the response with more information about the error. See [the spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) for more details about header format. * @summary OpenID Connect Userinfo * @param {*} [options] Override http request option. * @throws {RequiredError} */ async getOidcUserInfo(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.getOidcUserInfo(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OidcApi.getOidcUserInfo']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint initiates and completes user logout at the Ory OAuth2 & OpenID provider and initiates OpenID Connect Front- / Back-channel logout: https://openid.net/specs/openid-connect-frontchannel-1_0.html https://openid.net/specs/openid-connect-backchannel-1_0.html Back-channel logout is performed asynchronously and does not affect logout flow. * @summary OpenID Connect Front- and Back-channel Enabled Logout * @param {*} [options] Override http request option. * @throws {RequiredError} */ async revokeOidcSession(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.revokeOidcSession(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OidcApi.revokeOidcSession']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, /** * This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of facing the public internet directly to be used by third parties. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature is disabled per default. It can be enabled by a system administrator. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth2 Client using OpenID Dynamic Client Registration * @param {string} id OAuth 2.0 Client ID * @param {OAuth2Client} oAuth2Client OAuth 2.0 Client Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} */ async setOidcDynamicClient(id: string, oAuth2Client: OAuth2Client, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.setOidcDynamicClient(id, oAuth2Client, options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['OidcApi.setOidcDynamicClient']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, } }; /** * OidcApi - factory interface * @export */ export const OidcApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) { const localVarFp = OidcApiFp(configuration) return { /** * This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator. Please note that using this endpoint you are not able to choose the `client_secret` nor the `client_id` as those values will be server generated when specifying `token_endpoint_auth_method` as `client_secret_basic` or `client_secret_post`. The `client_secret` will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somewhere safe. * @summary Register OAuth2 Client using OpenID Dynamic Client Registration * @param {OidcApiCreateOidcDynamicClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ createOidcDynamicClient(requestParameters: OidcApiCreateOidcDynamicClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.createOidcDynamicClient(requestParameters.oAuth2Client, options).then((request) => request(axios, basePath)); }, /** * This endpoint creates a verifiable credential that attests that the user authenticated with the provided access token owns a certain public/private key pair. More information can be found at https://openid.net/specs/openid-connect-userinfo-vc-1_0.html. * @summary Issues a Verifiable Credential * @param {OidcApiCreateVerifiableCredentialRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ createVerifiableCredential(requestParameters: OidcApiCreateVerifiableCredentialRequest = {}, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.createVerifiableCredential(requestParameters.createVerifiableCredentialRequestBody, options).then((request) => request(axios, basePath)); }, /** * This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol * @param {OidcApiDeleteOidcDynamicClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ deleteOidcDynamicClient(requestParameters: OidcApiDeleteOidcDynamicClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.deleteOidcDynamicClient(requestParameters.id, options).then((request) => request(axios, basePath)); }, /** * A mechanism for an OpenID Connect Relying Party to discover the End-User\'s OpenID Provider and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), and others. For a full list of clients go here: https://openid.net/developers/certified/ * @summary OpenID Connect Discovery * @param {*} [options] Override http request option. * @throws {RequiredError} */ discoverOidcConfiguration(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.discoverOidcConfiguration(options).then((request) => request(axios, basePath)); }, /** * This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. * @summary Get OAuth2 Client using OpenID Dynamic Client Registration * @param {OidcApiGetOidcDynamicClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOidcDynamicClient(requestParameters: OidcApiGetOidcDynamicClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getOidcDynamicClient(requestParameters.id, options).then((request) => request(axios, basePath)); }, /** * This endpoint returns the payload of the ID Token, including `session.id_token` values, of the provided OAuth 2.0 Access Token\'s consent request. In the case of authentication error, a WWW-Authenticate header might be set in the response with more information about the error. See [the spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) for more details about header format. * @summary OpenID Connect Userinfo * @param {*} [options] Override http request option. * @throws {RequiredError} */ getOidcUserInfo(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.getOidcUserInfo(options).then((request) => request(axios, basePath)); }, /** * This endpoint initiates and completes user logout at the Ory OAuth2 & OpenID provider and initiates OpenID Connect Front- / Back-channel logout: https://openid.net/specs/openid-connect-frontchannel-1_0.html https://openid.net/specs/openid-connect-backchannel-1_0.html Back-channel logout is performed asynchronously and does not affect logout flow. * @summary OpenID Connect Front- and Back-channel Enabled Logout * @param {*} [options] Override http request option. * @throws {RequiredError} */ revokeOidcSession(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.revokeOidcSession(options).then((request) => request(axios, basePath)); }, /** * This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of facing the public internet directly to be used by third parties. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature is disabled per default. It can be enabled by a system administrator. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth2 Client using OpenID Dynamic Client Registration * @param {OidcApiSetOidcDynamicClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} */ setOidcDynamicClient(requestParameters: OidcApiSetOidcDynamicClientRequest, options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.setOidcDynamicClient(requestParameters.id, requestParameters.oAuth2Client, options).then((request) => request(axios, basePath)); }, }; }; /** * Request parameters for createOidcDynamicClient operation in OidcApi. * @export * @interface OidcApiCreateOidcDynamicClientRequest */ export interface OidcApiCreateOidcDynamicClientRequest { /** * Dynamic Client Registration Request Body * @type {OAuth2Client} * @memberof OidcApiCreateOidcDynamicClient */ readonly oAuth2Client: OAuth2Client } /** * Request parameters for createVerifiableCredential operation in OidcApi. * @export * @interface OidcApiCreateVerifiableCredentialRequest */ export interface OidcApiCreateVerifiableCredentialRequest { /** * * @type {CreateVerifiableCredentialRequestBody} * @memberof OidcApiCreateVerifiableCredential */ readonly createVerifiableCredentialRequestBody?: CreateVerifiableCredentialRequestBody } /** * Request parameters for deleteOidcDynamicClient operation in OidcApi. * @export * @interface OidcApiDeleteOidcDynamicClientRequest */ export interface OidcApiDeleteOidcDynamicClientRequest { /** * The id of the OAuth 2.0 Client. * @type {string} * @memberof OidcApiDeleteOidcDynamicClient */ readonly id: string } /** * Request parameters for getOidcDynamicClient operation in OidcApi. * @export * @interface OidcApiGetOidcDynamicClientRequest */ export interface OidcApiGetOidcDynamicClientRequest { /** * The id of the OAuth 2.0 Client. * @type {string} * @memberof OidcApiGetOidcDynamicClient */ readonly id: string } /** * Request parameters for setOidcDynamicClient operation in OidcApi. * @export * @interface OidcApiSetOidcDynamicClientRequest */ export interface OidcApiSetOidcDynamicClientRequest { /** * OAuth 2.0 Client ID * @type {string} * @memberof OidcApiSetOidcDynamicClient */ readonly id: string /** * OAuth 2.0 Client Request Body * @type {OAuth2Client} * @memberof OidcApiSetOidcDynamicClient */ readonly oAuth2Client: OAuth2Client } /** * OidcApi - object-oriented interface * @export * @class OidcApi * @extends {BaseAPI} */ export class OidcApi extends BaseAPI { /** * This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator. Please note that using this endpoint you are not able to choose the `client_secret` nor the `client_id` as those values will be server generated when specifying `token_endpoint_auth_method` as `client_secret_basic` or `client_secret_post`. The `client_secret` will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somewhere safe. * @summary Register OAuth2 Client using OpenID Dynamic Client Registration * @param {OidcApiCreateOidcDynamicClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OidcApi */ public createOidcDynamicClient(requestParameters: OidcApiCreateOidcDynamicClientRequest, options?: RawAxiosRequestConfig) { return OidcApiFp(this.configuration).createOidcDynamicClient(requestParameters.oAuth2Client, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint creates a verifiable credential that attests that the user authenticated with the provided access token owns a certain public/private key pair. More information can be found at https://openid.net/specs/openid-connect-userinfo-vc-1_0.html. * @summary Issues a Verifiable Credential * @param {OidcApiCreateVerifiableCredentialRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OidcApi */ public createVerifiableCredential(requestParameters: OidcApiCreateVerifiableCredentialRequest = {}, options?: RawAxiosRequestConfig) { return OidcApiFp(this.configuration).createVerifiableCredential(requestParameters.createVerifiableCredentialRequestBody, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol * @param {OidcApiDeleteOidcDynamicClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OidcApi */ public deleteOidcDynamicClient(requestParameters: OidcApiDeleteOidcDynamicClientRequest, options?: RawAxiosRequestConfig) { return OidcApiFp(this.configuration).deleteOidcDynamicClient(requestParameters.id, options).then((request) => request(this.axios, this.basePath)); } /** * A mechanism for an OpenID Connect Relying Party to discover the End-User\'s OpenID Provider and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), and others. For a full list of clients go here: https://openid.net/developers/certified/ * @summary OpenID Connect Discovery * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OidcApi */ public discoverOidcConfiguration(options?: RawAxiosRequestConfig) { return OidcApiFp(this.configuration).discoverOidcConfiguration(options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. * @summary Get OAuth2 Client using OpenID Dynamic Client Registration * @param {OidcApiGetOidcDynamicClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OidcApi */ public getOidcDynamicClient(requestParameters: OidcApiGetOidcDynamicClientRequest, options?: RawAxiosRequestConfig) { return OidcApiFp(this.configuration).getOidcDynamicClient(requestParameters.id, options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint returns the payload of the ID Token, including `session.id_token` values, of the provided OAuth 2.0 Access Token\'s consent request. In the case of authentication error, a WWW-Authenticate header might be set in the response with more information about the error. See [the spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) for more details about header format. * @summary OpenID Connect Userinfo * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OidcApi */ public getOidcUserInfo(options?: RawAxiosRequestConfig) { return OidcApiFp(this.configuration).getOidcUserInfo(options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint initiates and completes user logout at the Ory OAuth2 & OpenID provider and initiates OpenID Connect Front- / Back-channel logout: https://openid.net/specs/openid-connect-frontchannel-1_0.html https://openid.net/specs/openid-connect-backchannel-1_0.html Back-channel logout is performed asynchronously and does not affect logout flow. * @summary OpenID Connect Front- and Back-channel Enabled Logout * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OidcApi */ public revokeOidcSession(options?: RawAxiosRequestConfig) { return OidcApiFp(this.configuration).revokeOidcSession(options).then((request) => request(this.axios, this.basePath)); } /** * This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of facing the public internet directly to be used by third parties. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature is disabled per default. It can be enabled by a system administrator. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. To use this endpoint, you will need to present the client\'s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth2 Client using OpenID Dynamic Client Registration * @param {OidcApiSetOidcDynamicClientRequest} requestParameters Request parameters. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OidcApi */ public setOidcDynamicClient(requestParameters: OidcApiSetOidcDynamicClientRequest, options?: RawAxiosRequestConfig) { return OidcApiFp(this.configuration).setOidcDynamicClient(requestParameters.id, requestParameters.oAuth2Client, options).then((request) => request(this.axios, this.basePath)); } } /** * WellknownApi - axios parameter creator * @export */ export const WellknownApiAxiosParamCreator = function (configuration?: Configuration) { return { /** * This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. Adding custom keys requires first creating a keyset via the createJsonWebKeySet operation, and then configuring the webfinger.jwks.broadcast_keys configuration value to include the keyset name. * @summary Discover Well-Known JSON Web Keys * @param {*} [options] Override http request option. * @throws {RequiredError} */ discoverJsonWebKeys: async (options: RawAxiosRequestConfig = {}): Promise => { const localVarPath = `/.well-known/jwks.json`; // use dummy base URL string because the URL constructor only accepts absolute URLs. const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL); let baseOptions; if (configuration) { baseOptions = configuration.baseOptions; } const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options}; const localVarHeaderParameter = {} as any; const localVarQueryParameter = {} as any; setSearchParams(localVarUrlObj, localVarQueryParameter); let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {}; localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers}; return { url: toPathString(localVarUrlObj), options: localVarRequestOptions, }; }, } }; /** * WellknownApi - functional programming interface * @export */ export const WellknownApiFp = function(configuration?: Configuration) { const localVarAxiosParamCreator = WellknownApiAxiosParamCreator(configuration) return { /** * This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. Adding custom keys requires first creating a keyset via the createJsonWebKeySet operation, and then configuring the webfinger.jwks.broadcast_keys configuration value to include the keyset name. * @summary Discover Well-Known JSON Web Keys * @param {*} [options] Override http request option. * @throws {RequiredError} */ async discoverJsonWebKeys(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise> { const localVarAxiosArgs = await localVarAxiosParamCreator.discoverJsonWebKeys(options); const localVarOperationServerIndex = configuration?.serverIndex ?? 0; const localVarOperationServerBasePath = operationServerMap['WellknownApi.discoverJsonWebKeys']?.[localVarOperationServerIndex]?.url; return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath); }, } }; /** * WellknownApi - factory interface * @export */ export const WellknownApiFactory = function (configuration?: Configuration, basePath?: string, axios?: AxiosInstance) { const localVarFp = WellknownApiFp(configuration) return { /** * This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. Adding custom keys requires first creating a keyset via the createJsonWebKeySet operation, and then configuring the webfinger.jwks.broadcast_keys configuration value to include the keyset name. * @summary Discover Well-Known JSON Web Keys * @param {*} [options] Override http request option. * @throws {RequiredError} */ discoverJsonWebKeys(options?: RawAxiosRequestConfig): AxiosPromise { return localVarFp.discoverJsonWebKeys(options).then((request) => request(axios, basePath)); }, }; }; /** * WellknownApi - object-oriented interface * @export * @class WellknownApi * @extends {BaseAPI} */ export class WellknownApi extends BaseAPI { /** * This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. Adding custom keys requires first creating a keyset via the createJsonWebKeySet operation, and then configuring the webfinger.jwks.broadcast_keys configuration value to include the keyset name. * @summary Discover Well-Known JSON Web Keys * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof WellknownApi */ public discoverJsonWebKeys(options?: RawAxiosRequestConfig) { return WellknownApiFp(this.configuration).discoverJsonWebKeys(options).then((request) => request(this.axios, this.basePath)); } }