import { AxiosRequestConfig, AxiosResponse, AxiosInstance } from 'axios'; import { Reader } from 'properties-reader'; interface NoIdObjectSkeletonInterface { _rev?: string; [k: string]: string | number | boolean | string[] | IdObjectSkeletonInterface | object | undefined; } interface IdObjectSkeletonInterface extends NoIdObjectSkeletonInterface { _id?: string; } interface AmConfigEntityInterface extends IdObjectSkeletonInterface { _type?: EntityType; } type Readable = Type; type Writable = { inherited: boolean; value?: Type; }; type PagedResult = { result: Type[]; resultCount: number; pagedResultsCookie: string; totalPagedResultsPolicy: 'EXACT' | 'NONE'; totalPagedResults: number; remainingPagedResults: number; }; type EntityType = IdObjectSkeletonInterface & { name: string; collection: boolean; }; interface FeatureInterface extends IdObjectSkeletonInterface { installedVersion: string; availableVersions: string[]; } type CallbackType = 'NameCallback' | 'PasswordCallback' | 'TextInputCallback'; type CallbackKeyValuePair = { name: string; value: any; }; type Callback = { type: CallbackType; output: CallbackKeyValuePair[]; input: CallbackKeyValuePair[]; }; type CallbackHandler = (callback: Callback) => Callback; type Jose = { createJwkRsa(): Promise; getJwkRsaPublic(jwkJson: JwkRsa): Promise; createJwks(...keys: JwkInterface[]): JwksInterface; createSignedJwtToken(payload: string | object, jwkJson: JwkRsa): Promise; verifySignedJwtToken(jwt: string, jwkJson: JwkRsaPublic): Promise; }; interface JwkInterface { kty: string; use?: string; key_ops?: string[]; alg: string; kid?: string; x5u?: string; x5c?: string; x5t?: string; 'x5t#S256'?: string; } type JwkRsa = JwkInterface & { d: string; dp: string; dq: string; e: string; n: string; p: string; q: string; qi: string; }; type JwkRsaPublic = JwkInterface & { e: string; n: string; }; interface JwksInterface { keys: JwkInterface[]; } type AccessTokenResponseType = { access_token: string; id_token?: string; scope: string; token_type: string; expires_in: number; }; type TokenInfoResponseType = { sub: string; cts: string; auditTrackingId: string; subname: string; iss: string; tokenName: string; token_type: string; authGrantId: string; access_token: string; aud: string; nbf: number; grant_type: string; scope: string[]; auth_time: number; sessionToken?: string; realm: string; exp: number; iat: number; expires_in: number; jti: string; [k: string]: string | number | string[]; }; type AccessTokenMetaType = AccessTokenResponseType & { expires: number; from_cache?: boolean; }; type OAuth2Oidc = { authorize(amBaseUrl: string, data: string, config: AxiosRequestConfig): Promise>; accessToken(amBaseUrl: string, data: any, config: AxiosRequestConfig): Promise; accessTokenRfc7523AuthZGrant(clientId: string, jwt: string, scope: string[], config?: AxiosRequestConfig): Promise; getTokenInfo(amBaseUrl: string, config: AxiosRequestConfig): Promise; clientCredentialsGrant(amBaseUrl: string, clientId: string, clientSecret: string, scope: string): Promise; }; type Authenticate = { /** * Get tokens and store them in State * @param {boolean} forceLoginAsUser true to force login as user even if a service account is available (default: false) * @param {boolean} autoRefresh true to automatically refresh tokens before they expire (default: true) * @param {string[]} types Array of supported deployment types. The function will throw an error if an unsupported type is detected (default: ['classic', 'cloud', 'forgeops']) * @param {CallbackHandler} callbackHandler function allowing the library to collect responses from the user through callbacks * @returns {Promise} object containing the tokens */ getTokens(forceLoginAsUser?: boolean, autoRefresh?: boolean, types?: string[], callbackHandler?: CallbackHandler): Promise; /** * Get access token for service account * @param {string} saId optional service account id * @param {JwkRsa} saJwk optional service account JWK * @returns {string | null} Access token or null * @deprecated since v2.0.0 use {@link Authenticate.getTokens | getTokens} instead * ```javascript * getTokens(): Promise * ``` * @group Deprecated */ getAccessTokenForServiceAccount(saId?: string, saJwk?: JwkRsa): Promise; }; type UserSessionMetaType = { tokenId: string; successUrl: string; realm: string; expires: number; from_cache?: boolean; }; type Tokens = { bearerToken?: AccessTokenMetaType; userSessionToken?: UserSessionMetaType; subject?: string; host?: string; realm?: string; }; type ProgressIndicatorType = 'determinate' | 'indeterminate'; type ProgressIndicatorStatusType = 'none' | 'success' | 'warn' | 'fail'; type State = { /** * Get a clone of the full state as an object * @returns a clone of the state */ getState(): StateInterface; /** * Set the AM host base URL * @param host Access Management base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring. */ setHost(host: string): void; /** * Get the AM host base URL * @returns the AM host base URL */ getHost(): string; /** * Set the IDM host base URL * @param host Identity Management base URL, e.g.: https://cdk.iam.example.com/openidm. To use a connection profile, just specify a unique substring. */ setIdmHost(host: string): void; /** * Get the IDM host base URL * @returns the IDM host base URL */ getIdmHost(): string; setUsername(username: string): void; getUsername(): string; setPassword(password: string): void; getPassword(): string; setRealm(realm: string): void; getRealm(): string; setUseRealmPrefixOnManagedObjects(useRealmPrefixOnManagedObjects: boolean): void; getUseRealmPrefixOnManagedObjects(): boolean; setDeploymentType(type: string): void; getDeploymentType(): string; setAdminClientId(type: string): void; getAdminClientId(): string; setAdminClientRedirectUri(type: string): void; getAdminClientRedirectUri(): string; setAllowInsecureConnection(allowInsecureConnection: boolean): void; getAllowInsecureConnection(): boolean; setCookieName(name: string): void; getCookieName(): string; setUserSessionTokenMeta(value: UserSessionMetaType): void; getCookieValue(): string; getUserSessionTokenMeta(): UserSessionMetaType; setFeatures(features: FeatureInterface[]): void; getFeatures(): FeatureInterface[]; setAuthenticationHeaderOverrides(overrides: Record): void; getAuthenticationHeaderOverrides(): Record; setAuthenticationService(service: string): void; getAuthenticationService(): string; setServiceAccountId(uuid: string): void; getServiceAccountId(): string; setServiceAccountJwk(jwk: JwkRsa): void; getServiceAccountJwk(): JwkRsa; setServiceAccountScope(scope: string): void; getServiceAccountScope(): string; setUseBearerTokenForAmApis(useBearerTokenForAmApis: boolean): void; getUseBearerTokenForAmApis(): boolean; setBearerTokenMeta(token: AccessTokenMetaType): void; getBearerToken(): string; getBearerTokenMeta(): AccessTokenMetaType; setLogApiKey(key: string): void; getLogApiKey(): string; setLogApiSecret(secret: string): void; getLogApiSecret(): string; setAmVersion(version: string): void; getAmVersion(): string; setFrodoVersion(version: string): void; getFrodoVersion(): string; setConnectionProfilesPath(path: string): void; getConnectionProfilesPath(): string; setUseTokenCache(useTokenCache: boolean): void; getUseTokenCache(): boolean; setTokenCachePath(path: string): void; getTokenCachePath(): string; setMasterKeyPath(path: string): void; getMasterKeyPath(): string; setOutputFile(file: string): void; getOutputFile(): string; setDirectory(directory: string): void; getDirectory(): string; setAutoRefreshTimer(timer: NodeJS.Timeout): void; getAutoRefreshTimer(): NodeJS.Timeout; setCurlirizeHandler(handler: (message: string) => void): void; getCurlirizeHandler(): (message: string) => void; setCurlirize(curlirize: boolean): void; getCurlirize(): boolean; setCreateProgressHandler(handler: (type: ProgressIndicatorType, total?: number, message?: string) => string): void; getCreateProgressHandler(): (type: ProgressIndicatorType, total?: number, message?: string) => string; setUpdateProgressHandler(handler: (id: string, message: string) => void): void; getUpdateProgressHandler(): (id: string, message: string) => void; setStopProgressHandler(handler: (id: string, message: string, status?: ProgressIndicatorStatusType) => void): void; getStopProgressHandler(): (id: string, message: string, status?: ProgressIndicatorStatusType) => void; setPrintHandler(handler: (message: string | object, type?: string, newline?: boolean) => void): void; getPrintHandler(): (message: string | object, type?: string, newline?: boolean) => void; setErrorHandler(handler: (error: Error, message?: string) => void): void; getErrorHandler(): (error: Error, message?: string) => void; setVerboseHandler(handler: (message: string | object) => void): void; getVerboseHandler(): (message: string | object) => void; setVerbose(verbose: boolean): void; getVerbose(): boolean; setDebugHandler(handler: (message: string | object) => void): void; getDebugHandler(): (message: string | object) => void; setDebug(debug: boolean): void; getDebug(): boolean; /** * Reset the state to default values */ reset(): void; /** * @deprecated since v0.17.0 use `setHost(host: string)` instead */ setTenant(tenant: string): void; /** * @deprecated since v0.17.0 use `getHost` instead */ getTenant(): string; }; interface StateInterface { host?: string; idmHost?: string; username?: string; password?: string; realm?: string; useRealmPrefixOnManagedObjects?: boolean; deploymentType?: string; adminClientId?: string; adminClientRedirectUri?: string; allowInsecureConnection?: boolean; authenticationHeaderOverrides?: Record; authenticationService?: string; cookieName?: string; userSessionToken?: UserSessionMetaType; features?: FeatureInterface[]; serviceAccountId?: string; serviceAccountJwk?: JwkRsa; serviceAccountScope?: string; useBearerTokenForAmApis?: boolean; bearerToken?: AccessTokenMetaType; logApiKey?: string; logApiSecret?: string; amVersion?: string; frodoVersion?: string; connectionProfilesPath?: string; useTokenCache?: boolean; tokenCachePath?: string; masterKeyPath?: string; outputFile?: string; directory?: string; autoRefreshTimer?: NodeJS.Timeout; printHandler?: (message: string | object, type?: string, newline?: boolean) => void; errorHandler?: (error: Error, message: string) => void; verboseHandler?: (message: string | object) => void; verbose?: boolean; debugHandler?: (message: string | object) => void; debug?: boolean; curlirizeHandler?: (message: string) => void; curlirize?: boolean; createProgressHandler?: (type: ProgressIndicatorType, total?: number, message?: string) => string; updateProgressHandler?: (id: string, message: string) => void; stopProgressHandler?: (id: string, message: string, status?: string) => void; } type OAuth2ClientSkeleton = AmConfigEntityInterface & { overrideOAuth2ClientConfig?: { [k: string]: string | number | boolean | string[] | object | undefined; }; advancedOAuth2ClientConfig?: { descriptions: { inherited: boolean; value: string[]; }; grantTypes?: Readable | Writable; isConsentImplied?: Readable | Writable; tokenEndpointAuthMethod?: Readable | Writable; responseTypes?: Readable | Writable; [k: string]: string | number | boolean | string[] | object | undefined; }; signEncOAuth2ClientConfig?: { jwkSet?: Readable | Writable; publicKeyLocation?: Readable | Writable; [k: string]: string | number | boolean | string[] | object | undefined; }; coreOpenIDClientConfig?: { [k: string]: string | number | boolean | string[] | object | undefined; }; coreOAuth2ClientConfig?: { userpassword?: string; clientName?: Readable | Writable; clientType?: Readable | Writable; accessTokenLifetime?: Readable | Writable; scopes?: Readable | Writable; defaultScopes?: { value: string[]; [k: string]: string | number | boolean | string[] | object | undefined; }; [k: string]: string | number | boolean | string[] | object | undefined; }; coreUmaClientConfig?: { [k: string]: string | number | boolean | string[] | object | undefined; }; }; type OAuth2TrustedJwtIssuerSkeleton = IdObjectSkeletonInterface & { allowedSubjects?: Readable | Writable; jwksCacheTimeout?: Readable | Writable; jwkSet?: Readable | Writable; consentedScopesClaim?: Readable | Writable; issuer: Readable | Writable; jwkStoreCacheMissCacheTime?: Readable | Writable; resourceOwnerIdentityClaim?: Readable | Writable; jwksUri?: Readable | Writable; _type: { _id: 'TrustedJwtIssuer'; name: 'OAuth2 Trusted JWT Issuer'; collection: true; }; }; type Admin = { generateRfc7523AuthZGrantArtefacts(clientId: string, iss: string, jwk?: JwkRsa, sub?: string, scope?: string[], options?: { save: boolean; }): Promise<{ jwk: JwkRsa; jwks: JwksInterface; client: OAuth2ClientSkeleton; issuer: OAuth2TrustedJwtIssuerSkeleton; }>; executeRfc7523AuthZGrantFlow(clientId: string, iss: string, jwk: JwkRsa, sub: string, scope?: string[]): Promise; generateRfc7523ClientAuthNArtefacts(clientId: string, aud?: string, jwk?: JwkRsa, options?: { save: boolean; }): Promise<{ jwk: JwkRsa; jwks: JwksInterface; jwt: any; client: OAuth2ClientSkeleton; }>; trainAA(apiKey: string, apiSecret: string, customUsernames?: string[], customUserAgents?: string[], customIPs?: string[], loginsPerUser?: number, service?: string): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ listOAuth2CustomClients(): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ listOAuth2AdminClients(): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ listNonOAuth2AdminStaticUserMappings(showProtected: boolean): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ addAutoIdStaticUserMapping(): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ grantOAuth2ClientAdminPrivileges(clientId: string): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ revokeOAuth2ClientAdminPrivileges(clientId: string): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ createOAuth2ClientWithAdminPrivileges(clientId: string, clientSecret: string): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ createLongLivedToken(clientId: string, clientSecret: string, scope: string, secret: string | boolean, lifetime: number): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ removeStaticUserMapping(subject: string): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ hideGenericExtensionAttributes(includeCustomized: boolean, dryRun: boolean): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ showGenericExtensionAttributes(includeCustomized: boolean, dryRun: boolean): Promise; /** * @deprecated Deprecated since v2.0.0. This function may be removed in future versions. Similar functionality has been added to the frodo-cli code base. * @group Deprecated */ repairOrgModel(excludeCustomized: boolean, extendPermissions: boolean, dryRun: boolean): Promise; }; type GatewayAgentType = 'IdentityGatewayAgent'; type JavaAgentType = 'J2EEAgent'; type WebAgentType = 'WebAgent'; type AgentType = GatewayAgentType | JavaAgentType | WebAgentType | EntityType; type AgentSkeleton = AmConfigEntityInterface; interface ExportMetaData { origin: string; originAmVersion: string; exportedBy: string; exportDate: string; exportTool: string; exportToolVersion: string; } type Agent = { /** * Create an empty agent export template * @returns {AgentExportInterface} an empty agent export template */ createAgentExportTemplate(): AgentExportInterface; /** * Read all agents. * @returns {Promise} a promise that resolves to an array of agent objects */ readAgents(): Promise; /** * Read agent * @param {string} agentId agent id/name * @returns {Promise} a promise that resolves to an agent object */ readAgent(agentId: string): Promise; /** * Read agent by type and id * @param {string} agentType agent type (IdentityGatewayAgent, J2EEAgent, WebAgent) * @param {string} agentId agent id/name * @returns {Promise} a promise that resolves to an agent object */ readAgentByTypeAndId(agentType: AgentType, agentId: string): Promise; /** * Read identity gateway agents * @returns {Promise} a promise that resolves to an array of IdentityGatewayAgent objects */ readIdentityGatewayAgents(): Promise; /** * Read identity gateway agent * @param {string} gatewayId gateway id * @returns {Promise} a promise that resolves to an object containing an IdentityGatewayAgent object */ readIdentityGatewayAgent(gatewayId: string): Promise; /** * Create identity gateway agent * @param {string} gatewayId gateway id * @param {AgentSkeleton} gatewayData IdentityGatewayAgent object * @returns {Promise} a promise that resolves to an object containing an IdentityGatewayAgent object */ createIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise; /** * Update or create identity gateway agent * @param {string} gatewayId gateway id * @param {AgentSkeleton} gatewayData IdentityGatewayAgent object * @returns {Promise} a promise that resolves to an object containing an IdentityGatewayAgent object */ updateIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise; /** * Read java agents * @returns {Promise} a promise that resolves to an array of J2EEAgent objects */ readJavaAgents(): Promise; /** * Read java agent * @param {string} agentId java agent id * @returns {Promise} a promise that resolves to an object containing an J2EEAgent object */ readJavaAgent(agentId: string): Promise; /** * Put java agent * @param {string} agentId java agent id * @param {AgentSkeleton} agentData java agent object * @returns {Promise} a promise that resolves to an object containing an java agent object */ createJavaAgent(agentId: string, agentData: AgentSkeleton): Promise; /** * Put java agent * @param {string} agentId java agent id * @param {AgentSkeleton} agentData java agent object * @returns {Promise} a promise that resolves to an object containing an java agent object */ updateJavaAgent(agentId: string, agentData: AgentSkeleton): Promise; /** * Read web agents * @returns {Promise} a promise that resolves to an array of WebAgent objects */ readWebAgents(): Promise; /** * Read web agent * @param {string} agentId web agent id * @returns {Promise} a promise that resolves to an object containing an WebAgent object */ readWebAgent(agentId: string): Promise; /** * Create web agent * @param {string} agentId web agent id * @param {AgentSkeleton} agentData WebAgent object * @returns {Promise} a promise that resolves to an object containing an WebAgent object */ createWebAgent(agentId: string, agentData: AgentSkeleton): Promise; /** * Update or create web agent * @param {string} agentId web agent id * @param {AgentSkeleton} agentData WebAgent object * @returns {Promise} a promise that resolves to an object containing an WebAgent object */ updateWebAgent(agentId: string, agentData: AgentSkeleton): Promise; /** * Export all agents. The response can be saved to file as is. * @returns {Promise} Promise resolving to an AgentExportInterface object. */ exportAgents(): Promise; /** * Export all identity gateway agents. The response can be saved to file as is. * @returns {Promise} Promise resolving to an AgentExportInterface object. */ exportIdentityGatewayAgents(): Promise; /** * Export all java agents. The response can be saved to file as is. * @returns {Promise} Promise resolving to an AgentExportInterface object. */ exportJavaAgents(): Promise; /** * Export all web agents. The response can be saved to file as is. * @returns {Promise} Promise resolving to an AgentExportInterface object. */ exportWebAgents(): Promise; /** * Export agent. The response can be saved to file as is. * @param agentId agent id/name * @returns {Promise} Promise resolving to an AgentExportInterface object. */ exportAgent(agentId: string): Promise; /** * Export identity gateway agent. The response can be saved to file as is. * @param agentId agent id/name * @returns {Promise} Promise resolving to an AgentExportInterface object. */ exportIdentityGatewayAgent(agentId: string): Promise; /** * Export java agent. The response can be saved to file as is. * @param agentId agent id/name * @returns {Promise} Promise resolving to an AgentExportInterface object. */ exportJavaAgent(agentId: string): Promise; /** * Export web agent. The response can be saved to file as is. * @param agentId agent id/name * @returns {Promise} Promise resolving to an AgentExportInterface object. */ exportWebAgent(agentId: string): Promise; /** * Import agents. The import data is usually read from an agent export file. * @param {AgentExportInterface} importData agent import data. * @returns {Promise} The agents that were imported. */ importAgents(importData: AgentExportInterface): Promise; /** * Import identity gateway agents. The import data is usually read from an agent export file. * @param {AgentExportInterface} importData agent import data. */ importIdentityGatewayAgents(importData: AgentExportInterface): Promise; /** * Import java agents. The import data is usually read from an agent export file. * @param {AgentExportInterface} importData agent import data. */ importJavaAgents(importData: AgentExportInterface): Promise; /** * Import web agents. The import data is usually read from an agent export file. * @param {AgentExportInterface} importData agent import data. */ importWebAgents(importData: AgentExportInterface): Promise; /** * Import agent. The import data is usually read from an agent export file. * @param {string} agentId agent id/name * @param {AgentExportInterface} importData agent import data. * @returns {Promise} Promise resolving to an agent object. */ importAgent(agentId: string, importData: AgentExportInterface): Promise; /** * Import identity gateway agent. The import data is usually read from an agent export file. * @param {string} agentId agent id/name * @param {AgentExportInterface} importData agent import data. * @returns {Promise} Promise resolving to an agent object. */ importIdentityGatewayAgent(agentId: string, importData: AgentExportInterface): Promise; /** * Import java agent. The import data is usually read from an agent export file. * @param {string} agentId agent id/name * @param {AgentExportInterface} importData agent import data. * @returns {Promise} Promise resolving to an agent object. */ importJavaAgent(agentId: string, importData: AgentExportInterface): Promise; /** * Import java agent. The import data is usually read from an agent export file. * @param {string} agentId agent id/name * @param {AgentExportInterface} importData agent import data. * @returns {Promise} Promise resolving to an agent object. */ importWebAgent(agentId: string, importData: AgentExportInterface): Promise; /** * Delete all agents */ deleteAgents(): Promise; /** * Delete agent * @param agentId agent id/name */ deleteAgent(agentId: string): Promise; /** * Delete all identity gateway agents */ deleteIdentityGatewayAgents(): Promise; /** * Delete identity gateway agent * @param agentId agent id/name */ deleteIdentityGatewayAgent(agentId: string): Promise; /** * Delete all java agents */ deleteJavaAgents(): Promise; /** * Delete java agent * @param agentId agent id/name */ deleteJavaAgent(agentId: string): Promise; /** * Delete all web agents */ deleteWebAgents(): Promise; /** * Delete web agent * @param agentId agent id/name */ deleteWebAgent(agentId: string): Promise; /** * Get all agents. * @returns {Promise} a promise that resolves to an array of agent objects * @deprecated since v2.0.0 use {@link Agent.readAgents | readAgents} instead * ```javascript * readAgents(): Promise * ``` * @group Deprecated */ getAgents(): Promise; /** * Get agent * @param {string} agentId agent id/name * @returns {Promise} a promise that resolves to an agent object * @deprecated since v2.0.0 use {@link Agent.readAgent | readAgent} instead * ```javascript * readAgent(agentId: string): Promise * ``` * @group Deprecated */ getAgent(agentId: string): Promise; /** * Get agent by type and id * @param {string} agentType agent type (IdentityGatewayAgent, J2EEAgent, WebAgent) * @param {string} agentId agent id/name * @returns {Promise} a promise that resolves to an agent object * @deprecated since v2.0.0 use {@link Agent.readAgentByTypeAndId | readAgentByTypeAndId} instead * ```javascript * readAgentByTypeAndId(agentType: AgentType, agentId: string): Promise * ``` * @group Deprecated */ getAgentByTypeAndId(agentType: AgentType, agentId: string): Promise; /** * Get identity gateway agents * @returns {Promise} a promise that resolves to an array of IdentityGatewayAgent objects * @deprecated since v2.0.0 use {@link Agent.readIdentityGatewayAgents | readIdentityGatewayAgents} instead * ```javascript * readIdentityGatewayAgents(): Promise * ``` * @group Deprecated */ getIdentityGatewayAgents(): Promise; /** * Get identity gateway agent * @param {string} gatewayId gateway id * @returns {Promise} a promise that resolves to an object containing an IdentityGatewayAgent object * @deprecated since v2.0.0 use {@link Agent.readIdentityGatewayAgent | readIdentityGatewayAgent} instead * ```javascript * readIdentityGatewayAgent(gatewayId: string): Promise * ``` * @group Deprecated */ getIdentityGatewayAgent(gatewayId: string): Promise; /** * Update or create identity gateway agent * @param {string} gatewayId gateway id * @param {AgentSkeleton} gatewayData IdentityGatewayAgent object * @returns {Promise} a promise that resolves to an object containing an IdentityGatewayAgent object * @deprecated since v2.0.0 use {@link Agent.updateIdentityGatewayAgent | updateIdentityGatewayAgent} or {@link Agent.createIdentityGatewayAgent | createIdentityGatewayAgent} instead * ```javascript * updateIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise * createIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise * ``` * @group Deprecated */ putIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise; /** * Get java agents * @returns {romise} a promise that resolves to an array of J2EEAgent objects * @deprecated since v2.0.0 use {@link Agent.readJavaAgents | readJavaAgents} instead * ```javascript * readJavaAgents(): Promise * ``` * @group Deprecated */ getJavaAgents(): Promise; /** * Get java agent * @param {string} agentId java agent id * @returns {Promise} a promise that resolves to an object containing an J2EEAgent object * @deprecated since v2.0.0 use {@link Agent.readJavaAgent | readJavaAgent} instead * ```javascript * readJavaAgent(agentId: string): Promise * ``` * @group Deprecated */ getJavaAgent(agentId: string): Promise; /** * Update or create java agent * @param {string} agentId java agent id * @param {AgentSkeleton} agentData java agent object * @returns {Promise} a promise that resolves to an object containing an java agent object * @deprecated since v2.0.0 use {@link Agent.updateJavaAgent | updateJavaAgent} or {@link Agent.createJavaAgent | createJavaAgent} instead * ```javascript * updateJavaAgent(agentId: string, agentData: AgentSkeleton): Promise * createJavaAgent(agentId: string, agentData: AgentSkeleton): Promise * ``` * @group Deprecated */ putJavaAgent(agentId: string, agentData: AgentSkeleton): Promise; /** * Get web agents * @returns {Promise} a promise that resolves to an array of WebAgent objects * @deprecated since v2.0.0 use {@link Agent.readWebAgents | readWebAgents} instead * ```javascript * readWebAgents(): Promise * ``` * @group Deprecated */ getWebAgents(): Promise; /** * Get web agent * @param {string} agentId web agent id * @returns {Promise} a promise that resolves to an object containing an WebAgent object * @deprecated since v2.0.0 use {@link Agent.readWebAgent | readWebAgent} instead * ```javascript * readWebAgent(agentId: string): Promise * ``` * @group Deprecated */ getWebAgent(agentId: string): Promise; /** * Update or create web agent * @param {string} agentId web agent id * @param {AgentSkeleton} agentData WebAgent object * @returns {Promise} a promise that resolves to an object containing an WebAgent object * @deprecated since v2.0.0 use {@link Agent.updateWebAgent | updateWebAgent} or {@link Agent.createWebAgent | createWebAgent} instead * ```javascript * updateWebAgent(agentId: string, agentData: AgentSkeleton): Promise * createWebAgent(agentId: string, agentData: AgentSkeleton): Promise * ``` * @group Deprecated */ putWebAgent(agentId: string, agentData: AgentSkeleton): Promise; }; interface AgentExportInterface { meta?: ExportMetaData; agent: Record; } type ResourceConfig = { apiVersion?: string; }; type ApiFactory = { /** * Generates an AM Axios API instance * @param {ResourceConfig} resource Takes an object takes a resource object. example: * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either * add on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */ generateAmApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance; /** * Generates an OAuth2 Axios API instance * @param {ResourceConfig} resource Takes a resource object. example: * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either * add on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */ generateOauth2Api(resource: ResourceConfig, requestOverride?: AxiosRequestConfig, authenticate?: boolean): AxiosInstance; /** * Generates an IDM Axios API instance * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add * on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */ generateIdmApi(requestOverride?: AxiosRequestConfig): AxiosInstance; /** * Generates a LogKeys API Axios instance * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add * on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */ generateLogKeysApi(requestOverride?: AxiosRequestConfig): AxiosInstance; /** * Generates a Log API Axios instance * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add * on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */ generateLogApi(requestOverride?: AxiosRequestConfig): AxiosInstance; /** * Generates an Axios instance for the Identity Cloud Environment API * @param {ResourceConfig} resource Resource config object. * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add * on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */ generateEnvApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance; /** * Generates an Axios instance for the Identity Cloud Governance API * @param {ResourceConfig} resource Resource config object. * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add * on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */ generateGovernanceApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance; /** * Generates a release (Github or Npm) Axios API instance * @param {string} baseUrl Base URL for the request * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add * on extra information or override default properties https://github.com/axios/axios#request-config * * @returns {AxiosInstance} Returns a reaady to use Axios instance */ generateReleaseApi(baseUrl: string, requestOverride?: AxiosRequestConfig): AxiosInstance; }; type CircleOfTrustSkeleton = AmConfigEntityInterface & { status?: string; trustedProviders?: string[]; }; type Saml2ProiderLocation = 'hosted' | 'remote'; type Saml2ProviderStub = IdObjectSkeletonInterface & { entityId: string; location: Saml2ProiderLocation; roles: string[]; }; type Saml2ProviderSkeleton = IdObjectSkeletonInterface & { entityId: string; entityLocation: Saml2ProiderLocation; serviceProvider: unknown; identityProvider: { assertionProcessing?: { attributeMapper?: { attributeMapperScript?: string; }; }; advanced?: { idpAdapter?: { idpAdapterScript?: string; }; }; }; attributeQueryProvider: unknown; xacmlPolicyEnforcementPoint: unknown; }; type ScriptLanguage = 'GROOVY' | 'JAVASCRIPT'; type ScriptContext = 'OAUTH2_ACCESS_TOKEN_MODIFICATION' | 'AUTHENTICATION_CLIENT_SIDE' | 'AUTHENTICATION_TREE_DECISION_NODE' | 'AUTHENTICATION_SERVER_SIDE' | 'SOCIAL_IDP_PROFILE_TRANSFORMATION' | 'OAUTH2_VALIDATE_SCOPE' | 'CONFIG_PROVIDER_NODE' | 'OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER' | 'OAUTH2_EVALUATE_SCOPE' | 'POLICY_CONDITION' | 'OIDC_CLAIMS' | 'SAML2_IDP_ADAPTER' | 'SAML2_IDP_ATTRIBUTE_MAPPER' | 'OAUTH2_MAY_ACT' | 'LIBRARY'; type ScriptSkeleton = IdObjectSkeletonInterface & { name: string; description: string; default: boolean; script: string | string[]; language: ScriptLanguage; context: ScriptContext; createdBy: string; creationDate: number; lastModifiedBy: string; lastModifiedDate: number; }; type Mapping = { /** * Create an empty mapping export template * @returns {MappingExportInterface} an empty mapping export template */ createMappingExportTemplate(): MappingExportInterface; /** * Read mappings from sync.json (legacy) * @returns {Promise} a promise that resolves to an array of mapping objects */ readSyncMappings(): Promise; /** * Read mappings * @param {string} connectorId limit mappings to connector * @param {string} moType limit mappings to managed object type * @returns {Promise} a promise that resolves to an array of mapping objects */ readMappings(connectorId?: string, moType?: string): Promise; /** * Read mapping * @param {string} mappingId id of the mapping (new: 'mapping/\', legacy: 'sync/\') * @returns {Promise} a promise that resolves an mapping object */ readMapping(mappingId: string): Promise; /** * Create mapping * @param {string} mappingId id of the mapping (new: 'mapping/\', legacy: 'sync/\') * @param {MappingSkeleton} mappingData mapping object * @returns {Promise} a promise that resolves to an mapping object */ createMapping(mappingId: string, mappingData: MappingSkeleton): Promise; /** * Update or create mapping * @param {string} mappingId id of the mapping (new: 'mapping/\', legacy: 'sync/\') * @param {MappingSkeleton} mappingData mapping object * @returns {Promise} a promise that resolves to an mapping object */ updateMapping(mappingId: string, mappingData: MappingSkeleton): Promise; /** * Update or create mappings in sync.json (legacy) * @param {MappingSkeleton} mappingData mapping object * @returns {Promise} a promise that resolves to an mapping object */ updateSyncMappings(mappings: MappingSkeleton[]): Promise; /** * Delete all mappings * @param {string} connectorId limit mappings to connector * @param {string} moType limit mappings to managed object type * @returns {Promise} a promise that resolves to an array of mapping objects */ deleteMappings(connectorId?: string, moType?: string): Promise; /** * Delete mapping * @param {string} mappingId id of the mapping (new: 'mapping/\', legacy: 'sync/\') * @returns {Promise} a promise that resolves an mapping object */ deleteMapping(mappingId: string): Promise; /** * Export mapping * @param {string} mappingId id of the mapping (new: 'mapping/\', legacy: 'sync/\') * @param {MappingExportOptions} options export options * @returns {Promise} a promise that resolves to a MappingExportInterface object */ exportMapping(mappingId: string, options?: MappingExportOptions): Promise; /** * Export all mappings * @param {MappingExportOptions} options export options * @returns {Promise} a promise that resolves to a MappingExportInterface object */ exportMappings(options?: MappingExportOptions): Promise; /** * Import mapping * @param {string} mappingId id of the mapping (new: 'mapping/\', legacy: 'sync/\') * @param {MappingExportInterface} importData import data * @param {MappingImportOptions} options import options * @returns {Promise} a promise resolving to a MappingSkeleton object */ importMapping(mappingId: string, importData: MappingExportInterface, options?: MappingImportOptions): Promise; /** * Import first mapping * @param {MappingExportInterface} importData import data * @param {MappingImportOptions} options import options * @returns {Promise} a promise resolving to a MappingSkeleton object */ importFirstMapping(importData: MappingExportInterface, options?: MappingImportOptions): Promise; /** * Import all mappings * @param {MappingExportInterface} importData import data * @param {MappingImportOptions} options import options * @returns {Promise} a promise resolving to an array of MappingSkeleton objects */ importMappings(importData: MappingExportInterface, options?: MappingImportOptions): Promise; /** * Helper that returns a boolean indicating whether the mapping is a legacy mapping or not given the id * @param {string} mappingId the mapping id * @returns {boolean} true if the mapping is a legacy mapping, false otherwise * @throws {FrodoError} if the id is invalid */ isLegacyMapping(mappingId: string): boolean; }; type MappingPolicy = { action: 'CREATE' | 'DELETE' | 'EXCEPTION' | 'IGNORE' | 'UPDATE'; situation: 'ABSENT' | 'ALL_GONE' | 'AMBIGUOUS' | 'CONFIRMED' | 'FOUND' | 'FOUND_ALREADY_LINKED' | 'LINK_ONLY' | 'MISSING' | 'SOURCE_IGNORED' | 'SOURCE_MISSING' | 'TARGET_IGNORED' | 'UNASSIGNED' | 'UNQUALIFIED'; }; type MappingProperty = { source?: string; target: string; transform?: { globals: any; source: string; type: string; }; }; type MappingSkeleton = IdObjectSkeletonInterface & { name: string; displayName?: string; linkQualifiers?: string[]; consentRequired?: boolean; policies?: MappingPolicy[]; properties?: MappingProperty[]; source?: string; target?: string; syncAfter?: string[]; }; type SyncSkeleton = IdObjectSkeletonInterface & { mappings: MappingSkeleton[]; }; interface MappingExportInterface { meta?: ExportMetaData; mapping: Record; sync: SyncSkeleton; } /** * Mapping export options */ interface MappingExportOptions { /** * Use string arrays to store multi-line text in scripts. */ useStringArrays: boolean; /** * Include any dependencies. */ deps: boolean; /** * limit mappings to connector */ connectorId?: string; /** * limit mappings to managed object type */ moType?: string; } /** * Mapping import options */ interface MappingImportOptions { /** * Include any dependencies. */ deps: boolean; } type Connector = { /** * Connector type key used to build the IDM id: '/' */ CONNECTOR_TYPE: string; /** * Create an empty connector export template * @returns {ConnectorExportInterface} an empty connector export template */ createConnectorExportTemplate(): ConnectorExportInterface; /** * Get all connectors * @returns {Promise} a promise that resolves to an array of connector objects */ readConnectors(): Promise; /** * Get connector * @param {string} connectorId id/name of the connector without the type prefix * @returns {Promise} a promise that resolves an connector object */ readConnector(connectorId: string): Promise; /** * Create connector * @param {string} connectorId id/name of the connector without the type prefix * @param {ConnectorSkeleton} connectorData connector object * @returns {Promise} a promise that resolves to an connector object */ createConnector(connectorId: string, connectorData: ConnectorSkeleton): Promise; /** * Update or create connector * @param {string} connectorId id/name of the connector without the type prefix * @param {ConnectorSkeleton} connectorData connector object * @returns {Promise} a promise that resolves to an connector object */ updateConnector(connectorId: string, connectorData: ConnectorSkeleton): Promise; /** * Delete all connectors * @returns {Promise} a promise that resolves to an array of connector objects */ deleteConnectors(): Promise; /** * Delete connector * @param {string} connectorId id/name of the connector without the type prefix * @returns {Promise} a promise that resolves an connector object */ deleteConnector(connectorId: string): Promise; /** * Export connector * @param {string} connectorId id/name of the connector without the type prefix * @param {ConnectorExportOptions} options export options * @returns {Promise} a promise that resolves to a ConnectorExportInterface object */ exportConnector(connectorId: string, options?: ConnectorExportOptions): Promise; /** * Export all connectors * @returns {Promise} a promise that resolves to a ConnectorExportInterface object */ exportConnectors(): Promise; /** * Import connector * @param {string} connectorId id/name of the connector without the type prefix * @param {ConnectorExportInterface} importData import data * @param {ConnectorImportOptions} options import options * @returns {Promise} a promise resolving to a ConnectorSkeleton object */ importConnector(connectorId: string, importData: ConnectorExportInterface, options?: ConnectorImportOptions): Promise; /** * Import first connector * @param {ConnectorExportInterface} importData import data * @param {ConnectorImportOptions} options import options * @returns {Promise} a promise resolving to a ConnectorSkeleton object */ importFirstConnector(importData: ConnectorExportInterface, options?: ConnectorImportOptions): Promise; /** * Import all connectors * @param {ConnectorExportInterface} importData import data * @param {ConnectorImportOptions} options import options * @returns {Promise} a promise resolving to an array of ConnectorSkeleton objects */ importConnectors(importData: ConnectorExportInterface, options?: ConnectorImportOptions): Promise; }; type ObjectPropertyFlag = 'NOT_CREATABLE' | 'NOT_READABLE' | 'NOT_RETURNED_BY_DEFAULT' | 'NOT_UPDATEABLE'; type ObjectPropertyType = 'array' | 'boolean' | 'string'; type ObjectPropertyNativeType = 'array' | 'boolean' | 'string' | 'JAVA_TYPE_BIGDECIMAL' | 'JAVA_TYPE_BIGINTEGER' | 'JAVA_TYPE_BYTE' | 'JAVA_TYPE_BYTE_ARRAY' | 'JAVA_TYPE_CHAR' | 'JAVA_TYPE_CHARACTER' | 'JAVA_TYPE_DATE' | 'JAVA_TYPE_DOUBLE' | 'JAVA_TYPE_FILE' | 'JAVA_TYPE_FLOAT' | 'JAVA_TYPE_GUARDEDBYTEARRAY' | 'JAVA_TYPE_GUARDEDSTRING' | 'JAVA_TYPE_INT' | 'JAVA_TYPE_INTEGER' | 'JAVA_TYPE_LONG' | 'JAVA_TYPE_OBJECT' | 'JAVA_TYPE_PRIMITIVE_BOOLEAN' | 'JAVA_TYPE_PRIMITIVE_BYTE' | 'JAVA_TYPE_PRIMITIVE_DOUBLE' | 'JAVA_TYPE_PRIMITIVE_FLOAT' | 'JAVA_TYPE_PRIMITIVE_LONG' | 'JAVA_TYPE_STRING'; type ObjectPropertySkeleton = { flags?: ObjectPropertyFlag[]; nativeName: string; nativeType: ObjectPropertyNativeType; type: ObjectPropertyType; runAsUser?: boolean; required?: boolean; items?: { nativeType: ObjectPropertyNativeType; type: ObjectPropertyType; }; }; type ObjectTypeSkeleton = { $schema: string; id: string; nativeType: string; properties: Record; type: 'object'; }; type ConnectorSkeleton = IdObjectSkeletonInterface & { configurationProperties: any; connectorRef: { bundleName: string; bundleVersion: string; connectorHostRef: string; connectorName: string; displayName: string; systemType: 'provisioner.openicf'; }; enabled: boolean; objectTypes: Record; }; /** * Connector export options */ interface ConnectorExportOptions { /** * Use string arrays to store multi-line text in scripts. */ useStringArrays: boolean; /** * Include any dependencies (mappings). */ deps: boolean; } /** * Connector import options */ interface ConnectorImportOptions { /** * Include any dependencies (mappings). */ deps: boolean; } interface ConnectorExportInterface { meta?: ExportMetaData; connector: Record; mapping?: Record; } type Application = { /** * Create an empty application export template * @returns {ApplicationExportInterface} an empty application export template */ createApplicationExportTemplate(): ApplicationExportInterface; /** * Get application managed object type * @returns {String} application managed object type in this realm */ getRealmManagedApplication(): string; /** * Create application * @param {string} applicationId application id/name * @param {ApplicationSkeleton} applicationData application data * @returns {Promise} a promise that resolves to an application object */ createApplication(applicationId: string, applicationData: ApplicationSkeleton): Promise; /** * Read application * @param {string} applicationId application uuid * @returns {Promise} a promise that resolves to an application object */ readApplication(applicationId: string): Promise; /** * Read application by name * @param {string} applicationName application name * @returns {Promise} a promise that resolves to an application object */ readApplicationByName(applicationName: string): Promise; /** * Read all applications. Results are sorted aphabetically. * @returns {Promise} a promise that resolves to an array of application objects */ readApplications(): Promise; /** * Update application * @param {string} applicationId application uuid * @param {ApplicationSkeleton} applicationData application data * @returns {Promise} a promise that resolves to an application object */ updateApplication(applicationId: string, applicationData: ApplicationSkeleton): Promise; /** * Delete application * @param {string} applicationId application uuid * @param {boolean} deep deep delete (remove dependencies) * @returns {Promise} a promise that resolves to an application object */ deleteApplication(applicationId: string, deep?: boolean): Promise; /** * Delete application by name * @param {string} applicationName application name * @param {boolean} deep deep delete (remove dependencies) * @returns {Promise} a promise that resolves to an application object */ deleteApplicationByName(applicationName: string, deep?: boolean): Promise; /** * Delete all applications * @param {boolean} deep deep delete (remove dependencies) * @returns {Promise} a promise that resolves to an array of application objects */ deleteApplications(deep?: boolean): Promise; /** * Query applications * @param filter CREST search filter * @param fields array of fields to return */ queryApplications(filter: string, fields?: string[]): Promise; /** * Export application. The response can be saved to file as is. * @param {string} applicationId application uuid * @param {ApplicationExportOptions} options export options * @returns {Promise; /** * Export application by name. The response can be saved to file as is. * @param {string} applicationName application name * @param {ApplicationExportOptions} options export options * @returns {Promise; /** * Export all applications. The response can be saved to file as is. * @returns {Promise} Promise resolving to an ApplicationExportInterface object. */ exportApplications(options?: ApplicationExportOptions): Promise; /** * Import application. The import data is usually read from an application export file. * @param {string} applicationId application uuid * @param {ApplicationExportInterface} importData application import data. * @returns {Promise} Promise resolving to an application object. */ importApplication(applicationId: string, importData: ApplicationExportInterface, options: ApplicationImportOptions): Promise; /** * Import application by name. The import data is usually read from an application export file. * @param {string} applicationName application name * @param {ApplicationExportInterface} importData application import data. * @returns {Promise} Promise resolving to an application object. */ importApplicationByName(applicationName: string, importData: ApplicationExportInterface, options: ApplicationImportOptions): Promise; /** * Import first application. The import data is usually read from an application export file. * @param {ApplicationExportInterface} importData application import data. */ importFirstApplication(importData: ApplicationExportInterface, options: ApplicationImportOptions): Promise; /** * Import applications. The import data is usually read from an application export file. * @param {ApplicationExportInterface} importData application import data. */ importApplications(importData: ApplicationExportInterface, options: ApplicationImportOptions): Promise; }; type ApplicationSkeleton = IdObjectSkeletonInterface & { authoritative: boolean; connectorId: string; description: string; icon: string; mappingNames: string[]; members: any; name: string; owners: any; roles: any; ssoEntities: { idpLocation: string; idpPrivateId: string; spLocation: string; spPrivate: string; }; templateName: string; templateVersion: string; uiConfig: object; url: string; }; /** * Export format for applications */ interface ApplicationExportInterface { /** * Metadata */ meta?: ExportMetaData; /** * Managed applications */ managedApplication: Record; /** * Scripts */ script?: Record; /** * OAuth2 clients */ application?: Record; /** * Saml providers, circles of trust, and metadata */ saml?: { hosted?: Record; remote?: Record; metadata?: Record; cot?: Record; }; /** * connectors */ connector?: Record; /** * mappings */ mapping?: Record; } /** * Application export options */ type ApplicationExportOptions = { /** * Include any dependencies (scripts, oauth2 clients, saml providers, circles of trust, etc). */ deps: boolean; /** * Use string arrays to store multi-line text in scripts. */ useStringArrays: boolean; }; /** * Application export options */ type ApplicationImportOptions = { /** * Import any dependencies (scripts). */ deps: boolean; }; type AuthenticationSettingsSkeleton = IdObjectSkeletonInterface & { _id: ''; _type: { _id: 'EMPTY'; name: 'Core'; collection: false; }; }; type AuthenticationSettings = { /** * Read authentication settings * @returns {Promise} a promise that resolves an authentication settings object */ readAuthenticationSettings(): Promise; /** * Update authentication settings * @param {AuthenticationSettingsSkeleton} settings authentication settings data * @returns {Promise} a promise that resolves an authentication settings object */ updateAuthenticationSettings(settings: AuthenticationSettingsSkeleton): Promise; /** * Export authentication settings * @returns {Promise} a promise that resolves to an AuthenticationSettingsExportInterface object */ exportAuthenticationSettings(): Promise; /** * Import authentication settings * @param {AuthenticationSettingsExportInterface} importData import data */ importAuthenticationSettings(importData: AuthenticationSettingsExportInterface): Promise; }; interface AuthenticationSettingsExportInterface { meta?: ExportMetaData; authentication: AuthenticationSettingsSkeleton; } type CirclesOfTrust = { /** * Create an empty agent export template * @returns {CirclesOfTrustExportInterface} an empty agent export template */ createCirclesOfTrustExportTemplate(): CirclesOfTrustExportInterface; /** * Read all circles of trust * @param {string[]} entityProviders filter by entity providers */ readCirclesOfTrust(entityProviders?: string[]): Promise; /** * Read circle of trust * @param {string} cotId circle of trust id/name */ readCircleOfTrust(cotId: string): Promise; /** * Create circle of trust * @param {string} cotId circle of trust id/name * @param {CircleOfTrustSkeleton} cotData circle of trust data */ createCircleOfTrust(cotId?: string, cotData?: CircleOfTrustSkeleton): Promise; /** * Update circle of trust * @param {string} cotId circle of trust id/name * @param cotData circle of trust data */ updateCircleOfTrust(cotId: string, cotData: CircleOfTrustSkeleton): Promise; /** * Delete circle of trust * @param {string} cotId circle of trust id/name */ deleteCircleOfTrust(cotId: string): Promise; /** * Delete circles of trust * @param {string[]} entityProviders filter by entity providers */ deleteCirclesOfTrust(entityProviders?: string[]): Promise; /** * Export circle of trust * @param {string} cotId circle of trust id/name */ exportCircleOfTrust(cotId: string): Promise; /** * Export all circles of trust * @param {string[]} entityProviders filter by entity providers */ exportCirclesOfTrust(entityProviders?: string[]): Promise; /** * Import a circle of trust by id/name from file * @param {string} cotId Circle of trust id/name * @param {CirclesOfTrustExportInterface} importData Import data * @returns {Promise} a promise resolving to the circle of trust object that was created or updated. Note: If the circle of trust already exists and does not need updating, null is returned. */ importCircleOfTrust(cotId: string, importData: CirclesOfTrustExportInterface): Promise; /** * Import first circle of trust * @param {CirclesOfTrustExportInterface} importData Import data * @returns {Promise} a promise resolving to the circle of trust object that was created or updated. Note: If the circle of trust already exists and does not need updating, null is returned. */ importFirstCircleOfTrust(importData: CirclesOfTrustExportInterface): Promise; /** * Import all circles of trust * @param {string[]} entityProviders filter by entity providers * @param {CirclesOfTrustExportInterface} importData Import data * @returns {Promise} a promise resolving to an array of circle of trust objects that were created or updated. Note: If a circle of trust already exists and does not need updating, it is omitted from the response array. */ importCirclesOfTrust(importData: CirclesOfTrustExportInterface, entityProviders?: string[]): Promise; /** * Get all circles of trust * @returns {Promise} a promise resolving to an array of circle of trust objects * @deprecated since v2.0.0 use {@link CirclesOfTrust.readCirclesOfTrust | readCirclesOfTrust} instead * ```javascript * readCirclesOfTrust(): Promise * ``` * @group Deprecated */ getCirclesOfTrust(): Promise; /** * Get circle of trust * @param {string} cotId circle of trust id/name * @returns {Promise} a promise resolving to a circle of trust object * @deprecated since v2.0.0 use {@link CirclesOfTrust.readCircleOfTrust | readCircleOfTrust} instead * ```javascript * readCircleOfTrust(cotId: string): Promise * ``` * @group Deprecated */ getCircleOfTrust(cotId: string): Promise; }; interface CirclesOfTrustExportInterface { meta?: ExportMetaData; script: Record; saml: { hosted: Record; remote: Record; metadata: Record; cot: Record; }; } type SocialIdpSkeleton = AmConfigEntityInterface & { enabled: boolean; transform: string; }; type AdminFederationConfigSkeleton = IdObjectSkeletonInterface & { groups: { claim: string; mappings: { 'super-admins': string[]; 'tenant-admins': string[]; }; }; }; type AdminFederation = { /** * Create an empty idp export template * @returns {AdminFederationExportInterface} an empty idp export template */ createAdminFederationExportTemplate(): AdminFederationExportInterface; /** * Read all admin federation providers * @returns {Promise} a promise that resolves to an object containing an array of admin federation providers */ readAdminFederationProviders(): Promise; /** * Read admin federation provider * @param {string} providerId social identity provider id/name * @returns {Promise} a promise that resolves a social admin federation object */ readAdminFederationProvider(providerId: string): Promise; /** * Create admin federation provider * @param {string} providerType social identity provider type * @param {string} providerId social identity provider id/name * @param {SocialIdpSkeleton} providerData social identity provider data * @returns {Promise} a promise that resolves a social admin federation object */ createAdminFederationProvider(providerType: string, providerData: SocialIdpSkeleton, providerId?: string): Promise; /** * Update or create admin federation provider * @param {string} providerType social identity provider type * @param {string} providerId social identity provider id/name * @param {SocialIdpSkeleton} providerData social identity provider data * @returns {Promise} a promise that resolves a social admin federation object */ updateAdminFederationProvider(providerType: string, providerId: string, providerData: SocialIdpSkeleton): Promise; /** * Delete admin federation provider by id * @param {String} providerId admin federation provider id/name * @returns {Promise} a promise that resolves to an admin federation provider object */ deleteAdminFederationProvider(providerId: string): Promise; /** * Export admin federation provider by id * @param {string} providerId provider id/name * @returns {Promise} a promise that resolves to a SocialProviderExportInterface object */ exportAdminFederationProvider(providerId: string): Promise; /** * Export all providers * @returns {Promise} a promise that resolves to a SocialProviderExportInterface object */ exportAdminFederationProviders(): Promise; /** * Import admin federation provider by id/name * @param {string} providerId provider id/name * @param {AdminFederationExportInterface} importData import data */ importAdminFederationProvider(providerId: string, importData: AdminFederationExportInterface): Promise; /** * Import first provider * @param {AdminFederationExportInterface} importData import data */ importFirstAdminFederationProvider(importData: AdminFederationExportInterface): Promise; /** * Import all providers * @param {AdminFederationExportInterface} importData import data */ importAdminFederationProviders(importData: AdminFederationExportInterface): Promise; /** * Get all admin federation providers * @returns {Promise} a promise that resolves to an object containing an array of admin federation providers * @deprecated since v2.0.0 use {@link AdminFederation.readAdminFederationProviders | readAdminFederationProviders} instead * ```javascript * readAdminFederationProviders(): Promise * ``` * @group Deprecated */ getAdminFederationProviders(): Promise; /** * Get admin federation provider * @param {String} providerId social identity provider id/name * @returns {Promise} a promise that resolves a social admin federation object * @deprecated since v2.0.0 use {@link AdminFederation.readAdminFederationProvider | readAdminFederationProvider} instead * ```javascript * readAdminFederationProvider(providerId: string): Promise * ``` * @group Deprecated */ getAdminFederationProvider(providerId: string): Promise; /** * Update or create admin federation provider * @param {string} providerType social identity provider type * @param {string} providerId social identity provider id/name * @param {SocialIdpSkeleton} providerData social identity provider data * @returns {Promise} a promise that resolves a social admin federation object * @deprecated since v2.0.0 use {@link AdminFederation.updateAdminFederationProvider | updateAdminFederationProvider} instead * ```javascript * updateAdminFederationProvider(providerType: string, providerId: string, providerData: SocialIdpSkeleton): Promise * ``` * @group Deprecated */ putProviderByTypeAndId(providerType: string, providerId: string, providerData: SocialIdpSkeleton): Promise; }; interface AdminFederationExportInterface { meta?: ExportMetaData; config: Record; idp: Record; } /** * Certificate object skeleton */ type CertificateResponse = NoIdObjectSkeletonInterface & { active: boolean; certificate: string; expireTime: string; id: string; issuer: string; live: boolean; subject: string; subjectAlternativeNames: string[]; validFromTime: string; }; type EnvCertificate = { /** * Read certificate by id * @param {string} certificateId certificate id * @returns {Promise} a promise that resolves to a certificate object */ readCertificate(certificateId: string): Promise; /** * Read all certificates * @param {boolean} noDecode Do not decode values (default: false) * @returns {Promise} a promise that resolves to an array of certificate objects */ readCertificates(noDecode?: boolean): Promise; /** * Create certificate * @param {boolean} active The active status of the certificate. Set this to true for the certificate to actively be served. * @param {string} certificate The PEM formatted certificate. * @param {string} privateKey The private key for the certificate. For security reasons, only insert requests include this field. * @param {boolean} wait Wait until certificate is live (use interval and retries to modify default behavior) * @param {number} interval Only applies when wait=true: Time (in milliseconds) to wait between retries (default: 5000) * @param {number} retries Only applies when wait=true: How many times to retry (default: 24) * @returns {Promise} a promise that resolves to a certificate object */ createCertificate(active: boolean, certificate: string, privateKey: string, wait?: boolean, interval?: number, retries?: number): Promise; /** * Update certificate * @param {string} certificateId ID of the certificate * @param {boolean} active The active status of the certificate. Set this to true for the certificate to actively be served. * @returns {Promise} a promise that resolves to a certificate object */ updateCertificate(certificateId: string, active: boolean): Promise; /** * Activate certificate * @param {string} certificateId ID of the certificate * @param {boolean} wait Wait until certificate is live (use interval and retries to modify default behavior) * @param {number} interval Only applies when wait=true: Time (in milliseconds) to wait between retries (default: 5000) * @param {number} retries Only applies when wait=true: How many times to retry (default: 24) * @returns {Promise} a promise that resolves to a certificate object */ activateCertificate(certificateId: string, wait?: boolean, interval?: number, retries?: number): Promise; /** * Deactivate certificate * @param {string} certificateId ID of the certificate * @param {boolean} wait Wait until certificate is live (use interval and retries to modify default behavior) * @param {number} interval Only applies when wait=true: Time (in milliseconds) to wait between retries (default: 5000) * @param {number} retries Only applies when wait=true: How many times to retry (default: 24) * @returns {Promise} a promise that resolves to a certificate object */ deactivateCertificate(certificateId: string, wait?: boolean, interval?: number, retries?: number): Promise; /** * Check if certificate is active * @param {string} certificateId ID of the certificate * @returns {Promise} a promise that resolves to true or false */ isCertificateActive(certificateId: string): Promise; /** * Check if certificate is live * @param {string} certificateId ID of the certificate * @returns {Promise} a promise that resolves to true or false */ isCertificateLive(certificateId: string): Promise; /** * Delete certificate * @param {string} certificateId certificate id/name * @param {boolean} force force deletion of active certificate by attempting to deactivate it (use interval and retries to modify default behavior) * @param {number} interval Only applies when force=true: Time (in milliseconds) to wait between retries (default: 5000) * @param {number} retries Only applies when force=true: How many times to retry (default: 24) * @returns {Promise} a promise that resolves to a certificate object */ deleteCertificate(certificateId: string, force?: boolean, interval?: number, retries?: number): Promise; /** * Delete all certificates * @param {boolean} force force deletion of active certificate by attempting to deactivate it (use interval and retries to modify default behavior) * @param {number} interval Only applies when force=true: Time (in milliseconds) to wait between retries (default: 5000) * @param {number} retries Only applies when force=true: How many times to retry (default: 24) * @returns {Promise} a promise that resolves to a certificate object */ deleteCertificates(force?: boolean, interval?: number, retries?: number): Promise; }; type DirectiveEnabled = []; type DirectiveSource = string; type AllFlag = '*'; type AllowDuplicatesFlag = "'allow-duplicates'"; type NoneFlag = "'none'"; type ScriptFlag = "'script'"; type SelfFlag = "'self'"; type DirectiveFlag = AllFlag | NoneFlag | SelfFlag | DirectiveSource; type DirectiveSourceFlag = 'data:' | "'unsafe-inline'" | "'unsafe-eval'" | "'unsafe-hashes'" | DirectiveFlag; type SandboxDirectiveFlag = "'allow-forms'" | "'allow-same-origin'" | "'allow-scripts'" | "'allow-popups'" | "'allow-pointer-lock'" | "'allow-top-navigation'"; type RefererDirectiveFlag = "'no-referrer'" | "'none-when-downgrade'" | "'origin'" | "'origin-when-cross-origin'" | "'unsafe-url'"; /** * Content Security Policy object */ type ContentSecurityPolicy = { active: boolean; directives: { 'base-uri'?: DirectiveFlag[]; 'block-all-mixed-content'?: DirectiveEnabled; 'child-src'?: DirectiveSourceFlag[]; 'connect-src'?: DirectiveSourceFlag[]; 'default-src'?: DirectiveSourceFlag[]; 'font-src'?: DirectiveSourceFlag[]; 'form-action'?: DirectiveFlag[]; 'frame-ancestors'?: DirectiveFlag[]; 'frame-src'?: DirectiveSourceFlag[]; 'img-src'?: DirectiveSourceFlag[]; 'manifest-src'?: DirectiveSourceFlag[]; 'media-src'?: DirectiveSourceFlag[]; 'navigate-to'?: DirectiveFlag[]; 'object-src'?: DirectiveSourceFlag[]; 'plugin-types'?: DirectiveSource[]; 'prefetch-src'?: DirectiveSourceFlag[]; referrer?: RefererDirectiveFlag[]; 'report-to'?: DirectiveSource; 'report-uri'?: DirectiveSource; 'require-trusted-types-for'?: ScriptFlag; sandbox?: SandboxDirectiveFlag[]; 'script-src'?: DirectiveSourceFlag[]; 'script-src-attr'?: DirectiveSourceFlag[]; 'script-src-elem'?: DirectiveSourceFlag[]; 'style-src'?: DirectiveSourceFlag[]; 'style-src-attr'?: DirectiveSourceFlag[]; 'style-src-elem'?: DirectiveSourceFlag; 'trusted-types'?: NoneFlag | AllowDuplicatesFlag; 'upgrade-insecure-requests'?: DirectiveEnabled; 'worker-src'?: DirectiveSourceFlag[]; }; }; type EnvContentSecurityPolicy = { /** * Read enforced content security policy * @returns {Promise} a promise that resolves to a ContentSecurityPolicy object */ readEnforcedContentSecurityPolicy(): Promise; /** * Update enforced content security policy * @param {ContentSecurityPolicy} policy ContentSecurityPolicy object * @returns {Promise} a promise that resolves to a ContentSecurityPolicy object. */ updateEnforcedContentSecurityPolicy(policy: ContentSecurityPolicy): Promise; /** * Read report-only content security policy * @returns {Promise} a promise that resolves to a ContentSecurityPolicy object */ readReportOnlyContentSecurityPolicy(): Promise; /** * Update report-only content security policy * @param {ContentSecurityPolicy} policy ContentSecurityPolicy object * @returns {Promise} a promise that resolves to a ContentSecurityPolicy object. */ updateReportOnlyContentSecurityPolicy(policy: ContentSecurityPolicy): Promise; }; /** * Cookie Domains object */ type CookieDomains = { domains: string[]; }; type EnvCookieDomains = { /** * Read cookie domains * @returns {Promise} a promise that resolves to a CookieDomains object */ readCookieDomains(): Promise; /** * Update cookie domains * @param {CookieDomains} domains CookieDomains object * @returns {Promise} a promise that resolves to a CookieDomains object. */ updateCookieDomains(domains: CookieDomains): Promise; }; /** * CSR object */ type CSR = { /** * The algorithm for the private key. The encryption algorithm will either be * RSA-2048 or ECDSA P-256 depending on the algorithm choice. The default is RSA-2048. */ algorithm: 'rsa' | 'ecdsa'; /** * Category of business, such as "Private Organization", “Government Entity”, * “Business Entity”, or “Non-Commercial Entity”. Relevant for EV certificates. */ businessCategory: string; /** * City */ city: string; /** * Domain name that the SSL certificate is securing */ commonName: string; /** * Two-letter ISO-3166 country code: string[A-Z]{2} */ country: string; /** * Email: string^\S+@\S+$ */ email: string; /** * This field contains only information relevant to the Jurisdiction * of Incorporation or Registration. Relevant for EV certificates. */ jurisdictionCity: string; /** * This field contains only information relevant to the Jurisdiction * of Incorporation or Registration. Relevant for EV certificates. */ jurisdictionCountry: string; /** * This field contains only information relevant to the Jurisdiction * of Incorporation or Registration. Relevant for EV certificates. */ jurisdictionState: string; /** * Full name of company */ organization: string; /** * Company section or department */ organizationalUnit: string; /** * Zip code */ postalCode: string; /** * The Registration (or similar) Number assigned to the Subject by the Incorporating * or Registration Agency in its Jurisdiction of Incorporation or Registration. * Relevant for EV certificates. */ serialNumber: string; /** * State */ state: string; /** * Address */ streetAddress: string; /** * Additional domain or domains that the SSL certificate is securing */ subjectAlternativeNames: string[]; }; /** * CSR response object skeleton */ type CSRResponse = NoIdObjectSkeletonInterface & { /** * The algorithm for the private key. The encryption algorithm will either be RSA-2048 or ECDSA P-256 depending on the algorithm choice. The default is RSA-2048. */ algorithm: string; /** * The ID of the certificate created from this CSR if the CSR has been completed. */ certificateID: string; /** * Creation timestamp: eg '2006-01-02T15:04:05Z07:00' */ createdDate: string; /** * The unique identifier for the CSR */ id: string; /** * PEM formatted CSR. */ request: string; /** * the CSR subject */ subject: string; /** * Additional domain or domains that the SSL certificate is securing */ subjectAlternativeNames: string[]; }; type EnvCSR = { /** * Read CSR by id * @param {string} csrId ID of the CSR * @returns {Promise} a promise that resolves to a CSRResponse object */ readCSR(csrId: string): Promise; /** * Read all CSRs * @returns {Promise} a promise that resolves to an array of CSRResponse objects */ readCSRs(): Promise; /** * Create CSR * @param {CSR} csr CSR object * @returns {Promise} a promise that resolves to a CSRResponse object */ createCSR(csr: CSR): Promise; /** * Create CSR * @param {'rsa' | 'ecdsa'} algorithm The algorithm for the private key. The encryption algorithm will either be RSA-2048 or ECDSA P-256 depending on the algorithm choice. The default is RSA-2048. * @param {string} businessCategory Category of business, such as "Private Organization", “Government Entity”, “Business Entity”, or “Non-Commercial Entity”. Relevant for EV certificates. * @param {string} city City * @param {string} commonName Domain name that the SSL certificate is securing * @param {string} country Two-letter ISO-3166 country code: string[A-Z]{2} * @param {string} email Email: string^\S+@\S+$ * @param {string} jurisdictionCity This field contains only information relevant to the Jurisdiction of Incorporation or Registration. Relevant for EV certificates. * @param {string} jurisdictionCountry This field contains only information relevant to the Jurisdiction of Incorporation or Registration. Relevant for EV certificates. * @param {string} jurisdictionState This field contains only information relevant to the Jurisdiction of Incorporation or Registration. Relevant for EV certificates. * @param {string} organization Full name of company * @param {string} organizationalUnit Company section or department * @param {string} postalCode Zip code * @param {string} serialNumber The Registration (or similar) Number assigned to the Subject by the Incorporating or Registration Agency in its Jurisdiction of Incorporation or Registration. Relevant for EV certificates. * @param {string} state State * @param {string} streetAddress Address * @param {string[]} subjectAlternativeNames Additional domain or domains that the SSL certificate is securing * @returns {Promise} a promise that resolves to a CSRResponse object */ createCSR2(algorithm: 'rsa' | 'ecdsa', businessCategory: string, city: string, commonName: string, country: string, email: string, jurisdictionCity: string, jurisdictionCountry: string, jurisdictionState: string, organization: string, organizationalUnit: string, postalCode: string, serialNumber: string, state: string, streetAddress: string, subjectAlternativeNames: string[]): Promise; /** * Update CSR * @param {string} csrId ID of the CSR * @param {string} certificate The matching signed certificate for the request. This should only be set on update requests to upload the certificate. * @returns {Promise} a promise that resolves to a CSRResponse object */ updateCSR(csrId: string, certificate: string): Promise; /** * Delete CSR * @param {string} csrId ID of the CSR * @returns {Promise} a promise that resolves to a CSRResponse object */ deleteCSR(csrId: string): Promise; /** * Delete all CSRs * @returns {Promise} a promise that resolves to an array of CSRResponse objects */ deleteCSRs(): Promise; }; /** * Custom Domains object */ type CustomDomains = { domains: string[]; }; type EnvCustomDomains = { /** * Verify CNAME * @param {string} name CNAME to verify * @returns {Promise} a promise that resolves to true if successul, false otherwise. */ verifyCNAME(name: string): Promise; /** * Read custom domains * @returns {Promise} a promise that resolves to a CustomDomains object */ readCustomDomains(): Promise; /** * Update custom domains * @param {CustomDomains} domains CustomDomains object * @returns {Promise} a promise that resolves to a CustomDomains object. */ updateCustomDomains(domains: CustomDomains): Promise; }; /** * Federation Enforcement object */ type FederationEnforcement = { groups: 'none' | 'non-global' | 'all'; }; type EnvFederationEnforcement = { /** * Read federation enforcement configuration * @returns {Promise} a promise that resolves to a FederationEnforcement object */ readFederationEnforcement(): Promise; /** * Update federation enforcement configuration * @param {FederationEnforcement} config FederationEnforcement object * @returns {Promise} a promise that resolves to a FederationEnforcement object. */ updateFederationEnforcement(config: FederationEnforcement): Promise; /** * Enforce federation for a group of admins * @param {EnforcementGroup} group Group of admins to enforce federation for * @returns {Promise} a promise that resolves to a FederationEnforcement object. */ enforceFederationFor(group: EnforcementGroup): Promise; }; declare enum EnforcementGroup { Nobody = "none", TenantAdmins = "non-global", AllAdmins = "all" } /** * Lock response */ type LockResponse = { description: string; promotionId: string; result: string; }; /** * Lock status */ type LockStatus = { description: string; lowerEnv: { promotionId: string; proxyState: string; state: string; }; promotionId: string; result: 'unlocked' | 'locking' | 'unlocking' | 'locked' | 'error'; upperEnv: { promotionId: string; proxyState: string; state: string; }; }; /** * Promotion request config */ type PromotionRequestConfig = { dryRun: boolean; ignoreEncryptedSecrets: boolean; promoter: string; promotionDescription: string; unlockEnvironmentsAfterPromotion: boolean; zendeskTicketReference: string; }; /** * Promotion response */ type PromotionResponse = { result: string; }; type PromotionType = 'promotion' | 'rollback'; /** * Promotion status */ type PromotionStatus = { blockingError: boolean; encryptedSecrets: string[]; globalLock: string; message: string; missingESVs: string[]; promotionId: string; status: string; timeStamp: string; type: PromotionType; }; type PromotionConfigChange = { name: string; realm: string; uid: string; }; type PromotionConfig = { configChange: { added: PromotionConfigChange[]; deleted: PromotionConfigChange[]; modified: PromotionConfigChange[]; }; configItem: string; }; type PromotionReport = { createdDate: string; dryRun: boolean; missingESVs: string[]; previouslyIgnoredEncryptedSecrets: string[]; promoter: string; promotionDescription: string; promotionId: string; report: { AMConfig: PromotionConfig[]; IDMConfig: PromotionConfig[]; }; reportId: string; reportName: string; type: PromotionType; }; type PromotionReportStub = { createdDate: '2022-01-19T13:04:00Z'; dryRun: true; promotionId: '7575f185-cd0b-4823-b8b1-f677895291d4'; reportId: 'd19e140-8325-4669-b9f3-1cd82784e24e'; type: 'rollback'; }; /** * Rollback request */ type RollbackConfig = { promoter: string; promotionDescription: string; unlockEnvironmentsAfterPromotion: boolean; zendeskTicketReference: string; }; /** * Rollback response */ type RollbackResponse = { result: string; }; type EnvPromotion = { /** * Lock environment * @returns {Promise} a promise that resolves to a LockResponse object. */ lockEnvironment(): Promise; /** * Unlock environment * @param {string} promotionId Promotion id. * @returns {Promise} a promise that resolves to a LockResponse object */ unlockEnvironment(promotionId: string): Promise; /** * Read lock status * @returns {Promise} a promise that resolves to a LockStatus object */ readLockStatus(): Promise; /** * Promote configuration * @param {PromotionRequestConfig} config Promotion request config * @returns {Promise