import * as core from "../../core/index.js";
import * as Management from "../index.js";
/**
* @example
* {
* triggerId: "post-login",
* actionName: "actionName",
* deployed: true,
* page: 1,
* per_page: 1,
* installed: true
* }
*/
export interface ListActionsRequestParameters {
/** An actions extensibility point. */
triggerId?: Management.ActionTriggerTypeEnum | null;
/** The name of the action to retrieve. */
actionName?: string | null;
/** Optional filter to only retrieve actions that are deployed. */
deployed?: boolean | null;
/** Use this field to request a specific page of the list results. */
page?: number | null;
/** The maximum number of results to be returned by the server in single response. 20 by default */
per_page?: number | null;
/** Optional. When true, return only installed actions. When false, return only custom actions. Returns all actions by default. */
installed?: boolean | null;
}
/**
* @example
* {
* name: "name",
* supported_triggers: [{
* id: "post-login"
* }]
* }
*/
export interface CreateActionRequestContent {
/** The name of an action. */
name: string;
/** The list of triggers that this action supports. At this time, an action can only target a single trigger at a time. */
supported_triggers: Management.ActionTrigger[];
/** The source code of the action. */
code?: string;
/** The list of third party npm modules, and their versions, that this action depends on. */
dependencies?: Management.ActionVersionDependency[];
/** The Node runtime. For example: `node22`, defaults to `node22` */
runtime?: string;
/** The list of secrets that are included in an action or a version of an action. */
secrets?: Management.ActionSecretRequest[];
/** The list of action modules and their versions used by this action. */
modules?: Management.ActionModuleReference[];
/** True if the action should be deployed after creation. */
deploy?: boolean;
}
/**
* @example
* {
* force: true
* }
*/
export interface DeleteActionRequestParameters {
/** Force action deletion detaching bindings */
force?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateActionRequestContent {
/** The name of an action. */
name?: string;
/** The list of triggers that this action supports. At this time, an action can only target a single trigger at a time. */
supported_triggers?: Management.ActionTrigger[];
/** The source code of the action. */
code?: string;
/** The list of third party npm modules, and their versions, that this action depends on. */
dependencies?: Management.ActionVersionDependency[];
/** The Node runtime. For example: `node22`, defaults to `node22` */
runtime?: string;
/** The list of secrets that are included in an action or a version of an action. */
secrets?: Management.ActionSecretRequest[];
/** The list of action modules and their versions used by this action. */
modules?: Management.ActionModuleReference[];
}
/**
* @example
* {
* payload: {
* "key": "value"
* }
* }
*/
export interface TestActionRequestContent {
payload: Management.TestActionPayload;
}
/**
* @example
* {}
*/
export interface UpdateBrandingRequestContent {
colors?: Management.UpdateBrandingColors | null;
/** URL for the favicon. Must use HTTPS. */
favicon_url?: string | null;
/** URL for the logo. Must use HTTPS. */
logo_url?: string | null;
font?: Management.UpdateBrandingFont | null;
}
/**
* @example
* {
* from: "from",
* take: 1,
* audience: "audience",
* client_id: "client_id",
* allow_any_organization: true,
* subject_type: "client",
* default_for: "third_party_clients"
* }
*/
export interface ListClientGrantsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
/** Optional filter on audience. */
audience?: string | null;
/** Optional filter on client_id. */
client_id?: string | null;
/** Optional filter on allow_any_organization. */
allow_any_organization?: Management.ClientGrantAllowAnyOrganizationEnum | null;
/** The type of application access the client grant allows. */
subject_type?: Management.ClientGrantSubjectTypeEnum | null;
/** Used to filter the returned client grants to include only default client grants for the specified group of clients. */
default_for?: Management.ClientGrantDefaultForEnum | null;
}
/**
* @example
* {
* audience: "audience"
* }
*/
export interface CreateClientGrantRequestContent {
/** ID of the client. */
client_id?: string;
/** The audience (API identifier) of this client grant */
audience: string;
/** Applies this client grant as the default for all clients in the specified group. The only accepted value is `third_party_clients`, which applies the grant to all third-party clients. Per-client grants for the same audience take precedence. Mutually exclusive with `client_id`. If specified, a value for `client_id` must not be specified. */
default_for?: Management.ClientGrantDefaultForEnum;
organization_usage?: Management.ClientGrantOrganizationUsageEnum;
/** If enabled, any organization can be used with this grant. If disabled (default), the grant must be explicitly assigned to the desired organizations. */
allow_any_organization?: boolean;
/** Scopes allowed for this client grant. */
scope?: string[];
subject_type?: Management.ClientGrantSubjectTypeEnum;
/** Types of authorization_details allowed for this client grant. */
authorization_details_types?: string[];
/** If enabled, all scopes configured on the resource server are allowed for this grant. */
allow_all_scopes?: boolean;
}
/**
* @example
* {}
*/
export interface UpdateClientGrantRequestContent {
/** Scopes allowed for this client grant. */
scope?: string[] | null;
organization_usage?: Management.ClientGrantOrganizationNullableUsageEnum | null;
/** Controls allowing any organization to be used with this grant */
allow_any_organization?: boolean | null;
/** Types of authorization_details allowed for this client grant. */
authorization_details_types?: string[];
/** If enabled, all scopes configured on the resource server are allowed for this grant. */
allow_all_scopes?: boolean | null;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true,
* page: 1,
* per_page: 1,
* include_totals: true,
* is_global: true,
* is_first_party: true,
* app_type: "app_type",
* external_client_id: "external_client_id",
* q: "q"
* }
*/
export interface ListClientsRequestParameters {
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Default value is 50, maximum value is 100 */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Optional filter on the global client parameter. */
is_global?: boolean | null;
/** Optional filter on whether or not a client is a first-party client. */
is_first_party?: boolean | null;
/** Optional filter by a comma-separated list of application types. */
app_type?: string | null;
/** Optional filter by the Client ID Metadata Document URI for CIMD-registered clients. */
external_client_id?: string | null;
/** Advanced Query in Lucene syntax.
Permitted Queries:
- client_grant.organization_id:{organization_id}
- client_grant.allow_any_organization:true
Additional Restrictions:
- Cannot be used in combination with other filters
- Requires use of the from and take paging parameters (checkpoint paginatinon)
- Reduced rate limits apply. See Rate Limit Configurations
Note: Recent updates may not be immediately reflected in query results */
q?: string | null;
}
/**
* @example
* {
* name: "name"
* }
*/
export interface CreateClientRequestContent {
/** Name of this client (min length: 1 character, does not allow `<` or `>`). */
name: string;
/** Free text description of this client (max length: 140 characters). */
description?: string;
/** URL of the logo to display for this client. Recommended size is 150x150 pixels. */
logo_uri?: string;
/** Comma-separated list of URLs whitelisted for Auth0 to use as a callback to the client after authentication. */
callbacks?: string[];
oidc_logout?: Management.ClientOidcBackchannelLogoutSettings;
/** Configuration for OIDC backchannel logout (deprecated, in favor of oidc_logout) */
oidc_backchannel_logout?: Management.ClientOidcBackchannelLogoutSettings;
session_transfer?: Management.ClientSessionTransferConfiguration | null;
/** Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. */
allowed_origins?: string[];
/** Comma-separated list of allowed origins for use with Cross-Origin Authentication, Device Flow, and web message response mode. */
web_origins?: string[];
/** List of audiences/realms for SAML protocol. Used by the wsfed addon. */
client_aliases?: string[];
/** List of allow clients and API ids that are allowed to make delegation requests. Empty means all all your clients are allowed. */
allowed_clients?: string[];
/** Comma-separated list of URLs that are valid to redirect to after logout from Auth0. Wildcards are allowed for subdomains. */
allowed_logout_urls?: string[];
/** List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, `urn:ietf:params:oauth:grant-type:device_code`, and `urn:auth0:params:oauth:grant-type:token-exchange:federated-connection-access-token`. */
grant_types?: string[];
token_endpoint_auth_method?: Management.ClientTokenEndpointAuthMethodEnum;
/** If true, trust that the IP specified in the `auth0-forwarded-for` header is the end-user's IP for brute-force-protection on token endpoint. */
is_token_endpoint_ip_header_trusted?: boolean;
app_type?: Management.ClientAppTypeEnum;
/** Whether this client a first party client or not */
is_first_party?: boolean;
/** Whether this client conforms to strict OIDC specifications (true) or uses legacy features (false). */
oidc_conformant?: boolean;
jwt_configuration?: Management.ClientJwtConfiguration;
encryption_key?: Management.ClientEncryptionKey | null;
/** Applies only to SSO clients and determines whether Auth0 will handle Single Sign On (true) or whether the Identity Provider will (false). */
sso?: boolean;
/** Whether this client can be used to make cross-origin authentication requests (true) or it is not allowed to make such requests (false). */
cross_origin_authentication?: boolean;
/** URL of the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page. */
cross_origin_loc?: string;
/** true to disable Single Sign On, false otherwise (default: false) */
sso_disabled?: boolean;
/** true if the custom login page is to be used, false otherwise. Defaults to true */
custom_login_page_on?: boolean;
/** The content (HTML, CSS, JS) of the custom login page. */
custom_login_page?: string;
/** The content (HTML, CSS, JS) of the custom login page. (Used on Previews) */
custom_login_page_preview?: string;
/** HTML form template to be used for WS-Federation. */
form_template?: string;
addons?: Management.ClientAddons;
client_metadata?: Management.ClientMetadata;
mobile?: Management.ClientMobile;
/** Initiate login uri, must be https */
initiate_login_uri?: string;
native_social_login?: Management.NativeSocialLogin;
refresh_token?: Management.ClientRefreshTokenConfiguration | null;
default_organization?: Management.ClientDefaultOrganization | null;
organization_usage?: Management.ClientOrganizationUsageEnum;
organization_require_behavior?: Management.ClientOrganizationRequireBehaviorEnum;
/** Defines the available methods for organization discovery during the `pre_login_prompt`. Users can discover their organization either by `email`, `organization_name` or both. */
organization_discovery_methods?: Management.ClientOrganizationDiscoveryEnum[];
client_authentication_methods?: Management.ClientCreateAuthenticationMethod;
/** Makes the use of Pushed Authorization Requests mandatory for this client */
require_pushed_authorization_requests?: boolean;
/** Makes the use of Proof-of-Possession mandatory for this client */
require_proof_of_possession?: boolean;
signed_request_object?: Management.ClientSignedRequestObjectWithPublicKey;
compliance_level?: Management.ClientComplianceLevelEnum | null;
/**
* Controls whether a confirmation prompt is shown during login flows when the redirect URI uses non-verifiable callback URIs (for example, a custom URI schema such as `myapp://`, or `localhost`).
* If set to true, a confirmation prompt will not be shown. We recommend that this is set to false for improved protection from malicious apps.
* See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
*/
skip_non_verifiable_callback_uri_confirmation_prompt?: boolean;
token_exchange?: Management.ClientTokenExchangeConfiguration;
/** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
par_request_expiry?: number | null;
token_quota?: Management.CreateTokenQuota;
/** The identifier of the resource server that this client is linked to. */
resource_server_identifier?: string;
third_party_security_mode?: Management.ClientThirdPartySecurityModeEnum;
redirection_policy?: Management.ClientRedirectionPolicyEnum;
express_configuration?: Management.ExpressConfiguration;
my_organization_configuration?: Management.ClientMyOrganizationPostConfiguration;
async_approval_notification_channels?: Management.ClientAsyncApprovalNotificationsChannelsApiPostConfiguration;
}
/**
* @example
* {
* external_client_id: "external_client_id"
* }
*/
export interface PreviewCimdMetadataRequestContent {
/** URL to the Client ID Metadata Document */
external_client_id: string;
}
/**
* @example
* {
* external_client_id: "external_client_id"
* }
*/
export interface RegisterCimdClientRequestContent {
/** URL to the Client ID Metadata Document. Acts as the unique identifier for upsert operations. */
external_client_id: string;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true
* }
*/
export interface GetClientRequestParameters {
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateClientRequestContent {
/** The name of the client. Must contain at least one character. Does not allow '<' or '>'. */
name?: string;
/** Free text description of the purpose of the Client. (Max character length: 140) */
description?: string;
/** The secret used to sign tokens for the client */
client_secret?: string;
/** The URL of the client logo (recommended size: 150x150) */
logo_uri?: string;
/** A set of URLs that are valid to call back from Auth0 when authenticating users */
callbacks?: string[];
oidc_logout?: Management.ClientOidcBackchannelLogoutSettings;
/** Configuration for OIDC backchannel logout (deprecated, in favor of oidc_logout) */
oidc_backchannel_logout?: Management.ClientOidcBackchannelLogoutSettings;
session_transfer?: Management.ClientSessionTransferConfiguration | null;
/** A set of URLs that represents valid origins for CORS */
allowed_origins?: string[];
/** A set of URLs that represents valid web origins for use with web message response mode */
web_origins?: string[];
/** A set of grant types that the client is authorized to use. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, `urn:openid:params:grant-type:ciba`, `urn:ietf:params:oauth:grant-type:device_code`, and `urn:auth0:params:oauth:grant-type:token-exchange:federated-connection-access-token`. */
grant_types?: string[];
/** List of audiences for SAML protocol */
client_aliases?: string[];
/** Ids of clients that will be allowed to perform delegation requests. Clients that will be allowed to make delegation request. By default, all your clients will be allowed. This field allows you to specify specific clients */
allowed_clients?: string[];
/** URLs that are valid to redirect to after logout from Auth0 */
allowed_logout_urls?: string[];
/** An object that holds settings related to how JWTs are created */
jwt_configuration?: Management.ClientJwtConfiguration;
/** The client's encryption key */
encryption_key?: Management.ClientEncryptionKey | null;
/** true to use Auth0 instead of the IdP to do Single Sign On, false otherwise (default: false) */
sso?: boolean;
/** true if this client can be used to make cross-origin authentication requests, false otherwise if cross origin is disabled */
cross_origin_authentication?: boolean;
/** URL for the location in your site where the cross origin verification takes place for the cross-origin auth flow when performing Auth in your own domain instead of Auth0 hosted login page. */
cross_origin_loc?: string | null;
/** true to disable Single Sign On, false otherwise (default: false) */
sso_disabled?: boolean;
/** true if the custom login page is to be used, false otherwise. */
custom_login_page_on?: boolean;
token_endpoint_auth_method?: Management.ClientTokenEndpointAuthMethodOrNullEnum | null;
/** If true, trust that the IP specified in the `auth0-forwarded-for` header is the end-user's IP for brute-force-protection on token endpoint. */
is_token_endpoint_ip_header_trusted?: boolean;
app_type?: Management.ClientAppTypeEnum;
/** Whether this client a first party client or not */
is_first_party?: boolean;
/** Whether this client will conform to strict OIDC specifications */
oidc_conformant?: boolean;
/** The content (HTML, CSS, JS) of the custom login page */
custom_login_page?: string;
custom_login_page_preview?: string;
token_quota?: Management.UpdateTokenQuota | null;
/** Form template for WS-Federation protocol */
form_template?: string;
addons?: Management.ClientAddons;
client_metadata?: Management.ClientMetadata;
/** Configuration related to native mobile apps */
mobile?: Management.ClientMobile;
/** Initiate login uri, must be https */
initiate_login_uri?: string;
native_social_login?: Management.NativeSocialLogin;
refresh_token?: Management.ClientRefreshTokenConfiguration | null;
default_organization?: Management.ClientDefaultOrganization | null;
organization_usage?: Management.ClientOrganizationUsagePatchEnum | null;
organization_require_behavior?: Management.ClientOrganizationRequireBehaviorPatchEnum | null;
/** Defines the available methods for organization discovery during the `pre_login_prompt`. Users can discover their organization either by `email`, `organization_name` or both. */
organization_discovery_methods?: Management.ClientOrganizationDiscoveryEnum[] | null;
client_authentication_methods?: Management.ClientAuthenticationMethod | null;
/** Makes the use of Pushed Authorization Requests mandatory for this client */
require_pushed_authorization_requests?: boolean;
/** Makes the use of Proof-of-Possession mandatory for this client */
require_proof_of_possession?: boolean;
signed_request_object?: Management.ClientSignedRequestObjectWithCredentialId;
compliance_level?: Management.ClientComplianceLevelEnum | null;
/**
* Controls whether a confirmation prompt is shown during login flows when the redirect URI uses non-verifiable callback URIs (for example, a custom URI schema such as `myapp://`, or `localhost`).
* If set to true, a confirmation prompt will not be shown. We recommend that this is set to false for improved protection from malicious apps.
* See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
*/
skip_non_verifiable_callback_uri_confirmation_prompt?: boolean | null;
token_exchange?: Management.ClientTokenExchangeConfigurationOrNull | null;
/** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
par_request_expiry?: number | null;
express_configuration?: Management.ExpressConfigurationOrNull | null;
my_organization_configuration?: Management.ClientMyOrganizationPatchConfiguration | null;
async_approval_notification_channels?: (Management.ClientAsyncApprovalNotificationsChannelsApiPatchConfiguration | undefined) | null;
third_party_security_mode?: Management.ClientThirdPartySecurityModeEnum;
redirection_policy?: Management.ClientRedirectionPolicyEnum;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListConnectionProfileRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 5. */
take?: number | null;
}
/**
* @example
* {
* name: "name"
* }
*/
export interface CreateConnectionProfileRequestContent {
name: Management.ConnectionProfileName;
organization?: Management.ConnectionProfileOrganization;
connection_name_prefix_template?: Management.ConnectionNamePrefixTemplate;
enabled_features?: Management.ConnectionProfileEnabledFeatures;
connection_config?: Management.ConnectionProfileConfig;
strategy_overrides?: Management.ConnectionProfileStrategyOverrides;
}
/**
* @example
* {}
*/
export interface UpdateConnectionProfileRequestContent {
name?: Management.ConnectionProfileName;
organization?: Management.ConnectionProfileOrganization;
connection_name_prefix_template?: Management.ConnectionNamePrefixTemplate;
enabled_features?: Management.ConnectionProfileEnabledFeatures;
connection_config?: Management.ConnectionProfileConfig;
strategy_overrides?: Management.ConnectionProfileStrategyOverrides;
}
/**
* @example
* {
* from: "from",
* take: 1,
* name: "name",
* fields: "fields",
* include_fields: true
* }
*/
export interface ListConnectionsQueryParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
/** Provide strategies to only retrieve connections with such strategies */
strategy?: (Management.ConnectionStrategyEnum | null) | (Management.ConnectionStrategyEnum | null)[];
/** Provide the name of the connection to retrieve */
name?: string | null;
/** A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields */
fields?: string | null;
/** true if the fields specified are to be included in the result, false otherwise (defaults to true) */
include_fields?: boolean | null;
}
/**
* @example
* {
* name: "name",
* strategy: "ad"
* }
*/
export interface CreateConnectionRequestContent {
/** The name of the connection. Must start and end with an alphanumeric character and can only contain alphanumeric characters and '-'. Max length 128 */
name: string;
/** Connection name used in the new universal login experience */
display_name?: string;
strategy: Management.ConnectionIdentityProviderEnum;
options?: Management.ConnectionPropertiesOptions;
/** Use of this property is NOT RECOMMENDED. Use the PATCH /v2/connections/{id}/clients endpoint to enable the connection for a set of clients. */
enabled_clients?: string[];
/** true promotes to a domain-level connection so that third-party applications can use it. false does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to false.) */
is_domain_connection?: boolean;
/** Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to false.) */
show_as_button?: boolean;
/** Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm. */
realms?: string[];
metadata?: Management.ConnectionsMetadata;
authentication?: Management.ConnectionAuthenticationPurpose;
connected_accounts?: Management.ConnectionConnectedAccountsPurpose;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true
* }
*/
export interface GetConnectionRequestParameters {
/** A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields */
fields?: string | null;
/** true if the fields specified are to be included in the result, false otherwise (defaults to true) */
include_fields?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateConnectionRequestContent {
/** The connection name used in the new universal login experience. If display_name is not included in the request, the field will be overwritten with the name value. */
display_name?: string;
options?: Management.UpdateConnectionOptions | null;
/** DEPRECATED property. Use the PATCH /v2/connections/{id}/clients endpoint to enable or disable the connection for any clients. */
enabled_clients?: string[] | null;
/** true promotes to a domain-level connection so that third-party applications can use it. false does not promote the connection, so only first-party applications with the connection enabled can use it. (Defaults to false.) */
is_domain_connection?: boolean;
/** Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to false.) */
show_as_button?: boolean;
/** Defines the realms for which the connection will be used (ie: email domains). If the array is empty or the property is not specified, the connection name will be added as realm. */
realms?: string[];
metadata?: Management.ConnectionsMetadata;
authentication?: Management.ConnectionAuthenticationPurpose;
connected_accounts?: Management.ConnectionConnectedAccountsPurpose;
}
/**
* @example
* {
* q: "q",
* fields: "fields",
* include_fields: true,
* sort: "sort"
* }
*/
export interface ListCustomDomainsRequestParameters {
/** Query in Lucene query string syntax. */
q?: string | null;
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
/** Field to sort by. Only domain:1 (ascending order by domain) is supported at this time. */
sort?: string | null;
}
/**
* @example
* {
* domain: "domain",
* type: "auth0_managed_certs"
* }
*/
export interface CreateCustomDomainRequestContent {
/** Domain name. */
domain: string;
type: Management.CustomDomainProvisioningTypeEnum;
verification_method?: Management.CustomDomainVerificationMethodEnum;
tls_policy?: Management.CustomDomainTlsPolicyEnum;
custom_client_ip_header?: Management.CustomDomainCustomClientIpHeader | undefined;
domain_metadata?: Management.DomainMetadata;
/** Relying Party ID (rpId) to be used for Passkeys on this custom domain. If not provided, the full domain will be used. */
relying_party_identifier?: string;
}
/**
* @example
* {
* domain: "domain"
* }
*/
export interface SetDefaultCustomDomainRequestContent {
/** The domain to set as the default custom domain. Must be a verified custom domain or the canonical domain. */
domain: string;
}
/**
* @example
* {}
*/
export interface UpdateCustomDomainRequestContent {
/** recommended includes TLS 1.2 */
tls_policy?: Management.CustomDomainTlsPolicyEnum;
custom_client_ip_header?: Management.CustomDomainCustomClientIpHeader | undefined;
domain_metadata?: Management.DomainMetadata;
/** Relying Party ID (rpId) to be used for Passkeys on this custom domain. Set to null to remove the rpId and fall back to using the full domain. */
relying_party_identifier?: string | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true,
* fields: "fields",
* include_fields: true,
* user_id: "user_id",
* client_id: "client_id",
* type: "public_key"
* }
*/
export interface ListDeviceCredentialsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. There is a maximum of 1000 results allowed from this endpoint. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
/** user_id of the devices to retrieve. */
user_id?: string | null;
/** client_id of the devices to retrieve. */
client_id?: string | null;
/** Type of credentials to retrieve. Must be `public_key`, `refresh_token` or `rotating_refresh_token`. The property will default to `refresh_token` when paging is requested */
type?: Management.DeviceCredentialTypeEnum | null;
}
/**
* @example
* {
* device_name: "device_name",
* type: "public_key",
* value: "value",
* device_id: "device_id"
* }
*/
export interface CreatePublicKeyDeviceCredentialRequestContent {
/** Name for this device easily recognized by owner. */
device_name: string;
type: Management.DeviceCredentialPublicKeyTypeEnum;
/** Base64 encoded string containing the credential. */
value: string;
/** Unique identifier for the device. Recommend using Android_ID on Android and identifierForVendor. */
device_id: string;
/** client_id of the client (application) this credential is for. */
client_id?: string;
}
/**
* @example
* {
* template: "verify_email"
* }
*/
export interface CreateEmailTemplateRequestContent {
template: Management.EmailTemplateNameEnum;
/** Body of the email template. */
body?: string | null;
/** Senders `from` email address. */
from?: string | null;
/** URL to redirect the user to after a successful action. */
resultUrl?: string | null;
/** Subject line of the email. */
subject?: string | null;
/** Syntax of the template body. */
syntax?: string | null;
/** Lifetime in seconds that the link within the email will be valid for. */
urlLifetimeInSeconds?: number | null;
/** Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true. */
includeEmailInRedirect?: boolean;
/** Whether the template is enabled (true) or disabled (false). */
enabled?: boolean | null;
}
/**
* @example
* {
* template: "verify_email"
* }
*/
export interface SetEmailTemplateRequestContent {
template: Management.EmailTemplateNameEnum;
/** Body of the email template. */
body?: string | null;
/** Senders `from` email address. */
from?: string | null;
/** URL to redirect the user to after a successful action. */
resultUrl?: string | null;
/** Subject line of the email. */
subject?: string | null;
/** Syntax of the template body. */
syntax?: string | null;
/** Lifetime in seconds that the link within the email will be valid for. */
urlLifetimeInSeconds?: number | null;
/** Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true. */
includeEmailInRedirect?: boolean;
/** Whether the template is enabled (true) or disabled (false). */
enabled?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateEmailTemplateRequestContent {
template?: Management.EmailTemplateNameEnum;
/** Body of the email template. */
body?: string | null;
/** Senders `from` email address. */
from?: string | null;
/** URL to redirect the user to after a successful action. */
resultUrl?: string | null;
/** Subject line of the email. */
subject?: string | null;
/** Syntax of the template body. */
syntax?: string | null;
/** Lifetime in seconds that the link within the email will be valid for. */
urlLifetimeInSeconds?: number | null;
/** Whether the `reset_email` and `verify_email` templates should include the user's email address as the `email` parameter in the returnUrl (true) or whether no email address should be included in the redirect (false). Defaults to true. */
includeEmailInRedirect?: boolean;
/** Whether the template is enabled (true) or disabled (false). */
enabled?: boolean | null;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListEventStreamsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {}
*/
export interface UpdateEventStreamRequestContent {
/** Name of the event stream. */
name?: string;
/** List of event types subscribed to in this stream. */
subscriptions?: Management.EventStreamSubscription[];
destination?: Management.EventStreamDestinationPatch;
status?: Management.EventStreamStatusEnum;
}
/**
* @example
* {
* event_type: "group.created"
* }
*/
export interface CreateEventStreamTestEventRequestContent {
event_type: Management.EventStreamTestEventTypeEnum;
data?: Management.TestEventDataContent;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true,
* synchronous: true
* }
*/
export interface ListFlowsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** hydration param */
hydrate?: (Management.ListFlowsRequestParametersHydrateEnum | null) | (Management.ListFlowsRequestParametersHydrateEnum | null)[];
/** flag to filter by sync/async flows */
synchronous?: boolean | null;
}
/**
* @example
* {
* name: "name"
* }
*/
export interface CreateFlowRequestContent {
name: string;
actions?: Management.FlowAction[];
}
/**
* @example
* {}
*/
export interface GetFlowRequestParameters {
/** hydration param */
hydrate?: (Management.GetFlowRequestParametersHydrateEnum | null) | (Management.GetFlowRequestParametersHydrateEnum | null)[];
}
/**
* @example
* {}
*/
export interface UpdateFlowRequestContent {
name?: string;
actions?: Management.FlowAction[] | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListFormsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Query parameter to hydrate the response with additional data */
hydrate?: (Management.FormsRequestParametersHydrateEnum | null) | (Management.FormsRequestParametersHydrateEnum | null)[];
}
/**
* @example
* {
* name: "name"
* }
*/
export interface CreateFormRequestContent {
name: string;
messages?: Management.FormMessages;
languages?: Management.FormLanguages;
translations?: Management.FormTranslations;
nodes?: Management.FormNodeList;
start?: Management.FormStartNode;
ending?: Management.FormEndingNode;
style?: Management.FormStyle;
}
/**
* @example
* {}
*/
export interface GetFormRequestParameters {
/** Query parameter to hydrate the response with additional data */
hydrate?: (Management.FormsRequestParametersHydrateEnum | null) | (Management.FormsRequestParametersHydrateEnum | null)[];
}
/**
* @example
* {}
*/
export interface UpdateFormRequestContent {
name?: string;
messages?: Management.FormMessagesNullable | undefined;
languages?: Management.FormLanguagesNullable | undefined;
translations?: Management.FormTranslationsNullable | undefined;
nodes?: Management.FormNodeListNullable | undefined;
start?: Management.FormStartNodeNullable | undefined;
ending?: Management.FormEndingNodeNullable | undefined;
style?: Management.FormStyleNullable | undefined;
}
/**
* @example
* {
* per_page: 1,
* page: 1,
* include_totals: true,
* user_id: "user_id",
* client_id: "client_id",
* audience: "audience"
* }
*/
export interface ListUserGrantsRequestParameters {
/** Number of results per page. */
per_page?: number | null;
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** user_id of the grants to retrieve. */
user_id?: string | null;
/** client_id of the grants to retrieve. */
client_id?: string | null;
/** audience of the grants to retrieve. */
audience?: string | null;
}
/**
* @example
* {
* user_id: "user_id"
* }
*/
export interface DeleteUserGrantByUserIdRequestParameters {
/** user_id of the grant to delete. */
user_id: string;
}
/**
* @example
* {
* connection_id: "connection_id",
* name: "name",
* external_id: "external_id",
* fields: "fields",
* include_fields: true,
* from: "from",
* take: 1
* }
*/
export interface ListGroupsRequestParameters {
/** Filter groups by connection ID. */
connection_id?: string | null;
/** Filter groups by name. */
name?: string | null;
/** Filter groups by external ID. */
external_id?: string | null;
/** A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true,
* enabled: true,
* fields: "fields",
* triggerId: "credentials-exchange"
* }
*/
export interface ListHooksRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Optional filter on whether a hook is enabled (true) or disabled (false). */
enabled?: boolean | null;
/** Comma-separated list of fields to include in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Retrieves hooks that match the trigger */
triggerId?: Management.HookTriggerIdEnum | null;
}
/**
* @example
* {
* name: "name",
* script: "script",
* triggerId: "credentials-exchange"
* }
*/
export interface CreateHookRequestContent {
/** Name of this hook. */
name: string;
/** Code to be executed when this hook runs. */
script: string;
/** Whether this hook will be executed (true) or ignored (false). */
enabled?: boolean;
dependencies?: Management.HookDependencies;
/** Execution stage of this rule. Can be `credentials-exchange`, `pre-user-registration`, `post-user-registration`, `post-change-password`, or `send-phone-message`. */
triggerId: Management.HookTriggerIdEnum;
}
/**
* @example
* {
* fields: "fields"
* }
*/
export interface GetHookRequestParameters {
/** Comma-separated list of fields to include in the result. Leave empty to retrieve all fields. */
fields?: string | null;
}
/**
* @example
* {}
*/
export interface UpdateHookRequestContent {
/** Name of this hook. */
name?: string;
/** Code to be executed when this hook runs. */
script?: string;
/** Whether this hook will be executed (true) or ignored (false). */
enabled?: boolean;
dependencies?: Management.HookDependencies;
}
/**
* @example
* {}
*/
export interface UpdateLogStreamRequestContent {
/** log stream name */
name?: string;
status?: Management.LogStreamStatusEnum;
/** True for priority log streams, false for non-priority */
isPriority?: boolean;
/** Only logs events matching these filters will be delivered by the stream. If omitted or empty, all events will be delivered. */
filters?: Management.LogStreamFilter[];
pii_config?: Management.LogStreamPiiConfig;
sink?: Management.LogStreamSinkPatch;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* sort: "sort",
* fields: "fields",
* include_fields: true,
* include_totals: true,
* search: "search"
* }
*/
export interface ListLogsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Paging is disabled if parameter not sent. Default: 50. Max value: 100 */
per_page?: number | null;
/** Field to use for sorting appended with :1 for ascending and :-1 for descending. e.g. date:-1 */
sort?: string | null;
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false) */
include_fields?: boolean | null;
/** Return results as an array when false (default). Return results inside an object that also contains a total result count when true. */
include_totals?: boolean | null;
/**
* Retrieves logs that match the specified search criteria. This parameter can be combined with all the others in the /api/logs endpoint but is specified separately for clarity.
* If no fields are provided a case insensitive 'starts with' search is performed on all of the following fields: client_name, connection, user_name. Otherwise, you can specify multiple fields and specify the search using the %field%:%search%, for example: application:node user:"John@contoso.com".
* Values specified without quotes are matched using a case insensitive 'starts with' search. If quotes are used a case insensitve exact search is used. If multiple fields are used, the AND operator is used to join the clauses.
*/
search?: string | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListNetworkAclsRequestParameters {
/** Use this field to request a specific page of the list results. */
page?: number | null;
/** The amount of results per page. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* description: "description",
* active: true,
* rule: {
* action: {},
* scope: "management"
* }
* }
*/
export interface CreateNetworkAclRequestContent {
description: string;
/** Indicates whether or not this access control list is actively being used */
active: boolean;
/** Indicates the order in which the ACL will be evaluated relative to other ACL rules. */
priority?: number;
rule: Management.NetworkAclRule;
}
/**
* @example
* {
* description: "description",
* active: true,
* rule: {
* action: {},
* scope: "management"
* }
* }
*/
export interface SetNetworkAclRequestContent {
description: string;
/** Indicates whether or not this access control list is actively being used */
active: boolean;
/** Indicates the order in which the ACL will be evaluated relative to other ACL rules. */
priority?: number;
rule: Management.NetworkAclRule;
}
/**
* @example
* {}
*/
export interface UpdateNetworkAclRequestContent {
description?: string;
/** Indicates whether or not this access control list is actively being used */
active?: boolean;
/** Indicates the order in which the ACL will be evaluated relative to other ACL rules. */
priority?: number;
rule?: Management.NetworkAclRule;
}
/**
* @example
* {
* from: "from",
* take: 1,
* sort: "sort"
* }
*/
export interface ListOrganizationsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
/** Field to sort by. Use field:order where order is 1 for ascending and -1 for descending. e.g. created_at:1. We currently support sorting by the following fields: name, display_name and created_at. */
sort?: string | null;
}
/**
* @example
* {
* name: "name"
* }
*/
export interface CreateOrganizationRequestContent {
/** The name of this organization. */
name: string;
/** Friendly name of this organization. */
display_name?: string;
branding?: Management.OrganizationBranding;
metadata?: Management.OrganizationMetadata;
/** Connections that will be enabled for this organization. See POST enabled_connections endpoint for the object format. (Max of 10 connections allowed) */
enabled_connections?: Management.ConnectionForOrganization[];
token_quota?: Management.CreateTokenQuota;
}
/**
* @example
* {}
*/
export interface UpdateOrganizationRequestContent {
/** Friendly name of this organization. */
display_name?: string;
/** The name of this organization. */
name?: string;
branding?: Management.OrganizationBranding;
metadata?: Management.OrganizationMetadata;
token_quota?: Management.UpdateTokenQuota | null;
}
/**
* @example
* {}
*/
export interface UpdateSettingsRequestContent {
universal_login_experience?: Management.UniversalLoginExperienceEnum;
/** Whether identifier first is enabled or not */
identifier_first?: boolean | null;
/** Use WebAuthn with Device Biometrics as the first authentication factor */
webauthn_platform_first_factor?: boolean | null;
}
/**
* @example
* {
* user_id: "user_id",
* client_id: "client_id",
* from: "from",
* take: 1,
* fields: "fields",
* include_fields: true
* }
*/
export interface GetRefreshTokensRequestParameters {
/** ID of the user whose refresh tokens to retrieve. Required. */
user_id: string;
/** Filter results by client ID. Only valid when user_id is provided. */
client_id?: string | null;
/** An opaque cursor from which to start the selection (exclusive). Expires after 24 hours. Obtained from the next property of a previous response. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateRefreshTokenRequestContent {
/** Metadata associated with the refresh token. Pass null or {} to remove all metadata. */
refresh_token_metadata?: (Management.RefreshTokenMetadata | undefined) | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true,
* include_fields: true
* }
*/
export interface ListResourceServerRequestParameters {
/** An optional filter on the resource server identifier. Must be URL encoded and may be specified multiple times (max 10).
e.g. ../resource-servers?identifiers=id1&identifiers=id2 */
identifiers?: (string | null) | (string | null)[];
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {
* identifier: "identifier"
* }
*/
export interface CreateResourceServerRequestContent {
/** Friendly name for this resource server. Can not contain `<` or `>` characters. */
name?: string;
/** Unique identifier for the API used as the audience parameter on authorization calls. Can not be changed once set. */
identifier: string;
/** List of permissions (scopes) that this API uses. */
scopes?: Management.ResourceServerScope[];
signing_alg?: Management.SigningAlgorithmEnum;
/** Secret used to sign tokens when using symmetric algorithms (HS256). */
signing_secret?: string;
/** Whether refresh tokens can be issued for this API (true) or not (false). */
allow_offline_access?: boolean;
/** Whether Online Refresh Tokens can be issued for this API (true) or not (false). */
allow_online_access?: boolean;
/** Expiration value (in seconds) for access tokens issued for this API from the token endpoint. */
token_lifetime?: number;
token_dialect?: Management.ResourceServerTokenDialectSchemaEnum;
/** Whether to skip user consent for applications flagged as first party (true) or not (false). */
skip_consent_for_verifiable_first_party_clients?: boolean;
/** Whether to enforce authorization policies (true) or to ignore them (false). */
enforce_policies?: boolean;
token_encryption?: Management.ResourceServerTokenEncryption | null;
consent_policy?: Management.ResourceServerConsentPolicyEnum | null;
authorization_details?: unknown[] | null;
proof_of_possession?: Management.ResourceServerProofOfPossession | null;
subject_type_authorization?: Management.ResourceServerSubjectTypeAuthorization;
}
/**
* @example
* {
* include_fields: true
* }
*/
export interface GetResourceServerRequestParameters {
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateResourceServerRequestContent {
/** Friendly name for this resource server. Can not contain `<` or `>` characters. */
name?: string;
/** List of permissions (scopes) that this API uses. */
scopes?: Management.ResourceServerScope[];
signing_alg?: Management.SigningAlgorithmEnum;
/** Secret used to sign tokens when using symmetric algorithms (HS256). */
signing_secret?: string;
/** Whether to skip user consent for applications flagged as first party (true) or not (false). */
skip_consent_for_verifiable_first_party_clients?: boolean;
/** Whether refresh tokens can be issued for this API (true) or not (false). */
allow_offline_access?: boolean;
/** Whether Online Refresh Tokens can be issued for this API (true) or not (false). */
allow_online_access?: boolean;
/** Expiration value (in seconds) for access tokens issued for this API from the token endpoint. */
token_lifetime?: number;
token_dialect?: Management.ResourceServerTokenDialectSchemaEnum;
/** Whether authorization policies are enforced (true) or not enforced (false). */
enforce_policies?: boolean;
token_encryption?: Management.ResourceServerTokenEncryption | null;
consent_policy?: Management.ResourceServerConsentPolicyEnum | null;
authorization_details?: unknown[] | null;
proof_of_possession?: Management.ResourceServerProofOfPossession | null;
subject_type_authorization?: Management.ResourceServerSubjectTypeAuthorization;
}
/**
* @example
* {
* per_page: 1,
* page: 1,
* include_totals: true,
* name_filter: "name_filter"
* }
*/
export interface ListRolesRequestParameters {
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Optional filter on name (case-insensitive). */
name_filter?: string | null;
}
/**
* @example
* {
* name: "name"
* }
*/
export interface CreateRoleRequestContent {
/** Name of the role. */
name: string;
/** Description of the role. */
description?: string;
}
/**
* @example
* {}
*/
export interface UpdateRoleRequestContent {
/** Name of this role. */
name?: string;
/** Description of this role. */
description?: string;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true,
* enabled: true,
* fields: "fields",
* include_fields: true
* }
*/
export interface ListRulesRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Optional filter on whether a rule is enabled (true) or disabled (false). */
enabled?: boolean | null;
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {
* name: "name",
* script: "script"
* }
*/
export interface CreateRuleRequestContent {
/** Name of this rule. */
name: string;
/** Code to be executed when this rule runs. */
script: string;
/** Order that this rule should execute in relative to other rules. Lower-valued rules execute first. */
order?: number;
/** Whether the rule is enabled (true), or disabled (false). */
enabled?: boolean;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true
* }
*/
export interface GetRuleRequestParameters {
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateRuleRequestContent {
/** Code to be executed when this rule runs. */
script?: string;
/** Name of this rule. */
name?: string;
/** Order that this rule should execute in relative to other rules. Lower-valued rules execute first. */
order?: number;
/** Whether the rule is enabled (true), or disabled (false). */
enabled?: boolean;
}
/**
* @example
* {
* value: "value"
* }
*/
export interface SetRulesConfigRequestContent {
/** Value for a rules config variable. */
value: string;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListSelfServiceProfilesRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* name: "name"
* }
*/
export interface CreateSelfServiceProfileRequestContent {
/** The name of the self-service Profile. */
name: string;
/** The description of the self-service Profile. */
description?: string;
branding?: Management.SelfServiceProfileBrandingProperties;
/** List of IdP strategies that will be shown to users during the Self-Service SSO flow. Possible values: [`oidc`, `samlp`, `waad`, `google-apps`, `adfs`, `okta`, `auth0-samlp`, `okta-samlp`, `keycloak-samlp`, `pingfederate`] */
allowed_strategies?: Management.SelfServiceProfileAllowedStrategyEnum[];
/** List of attributes to be mapped that will be shown to the user during the SS-SSO flow. */
user_attributes?: Management.SelfServiceProfileUserAttribute[];
/** ID of the user-attribute-profile to associate with this self-service profile. */
user_attribute_profile_id?: string;
}
/**
* @example
* {}
*/
export interface UpdateSelfServiceProfileRequestContent {
/** The name of the self-service Profile. */
name?: string;
description?: (Management.SelfServiceProfileDescription | undefined) | null;
branding?: Management.SelfServiceProfileBranding | undefined;
/** List of IdP strategies that will be shown to users during the Self-Service SSO flow. Possible values: [`oidc`, `samlp`, `waad`, `google-apps`, `adfs`, `okta`, `auth0-samlp`, `okta-samlp`, `keycloak-samlp`, `pingfederate`] */
allowed_strategies?: Management.SelfServiceProfileAllowedStrategyEnum[];
user_attributes?: (Management.SelfServiceProfileUserAttributes | undefined) | null;
/** ID of the user-attribute-profile to associate with this self-service profile. */
user_attribute_profile_id?: string | null;
}
/**
* @example
* {}
*/
export interface UpdateSessionRequestContent {
/** Metadata associated with the session. Pass null or {} to remove all session_metadata. */
session_metadata?: (Management.SessionMetadata | undefined) | null;
}
/**
* @example
* {
* from: "from",
* to: "to"
* }
*/
export interface GetDailyStatsRequestParameters {
/** Optional first day of the date range (inclusive) in YYYYMMDD format. */
from?: string | null;
/** Optional last day of the date range (inclusive) in YYYYMMDD format. */
to?: string | null;
}
/**
* @example
* {
* akamai_enabled: true
* }
*/
export interface UpdateSupplementalSignalsRequestContent {
/** Indicates if incoming Akamai Headers should be processed */
akamai_enabled: boolean;
}
/**
* @example
* {
* user_id: "user_id"
* }
*/
export interface VerifyEmailTicketRequestContent {
/** URL the user will be redirected to in the classic Universal Login experience once the ticket is used. Cannot be specified when using client_id or organization_id. */
result_url?: string;
/** user_id of for whom the ticket should be created. */
user_id: string;
/** ID of the client (application). If provided for tenants using the New Universal Login experience, the email template and UI displays application details, and the user is prompted to redirect to the application's default login route after the ticket is used. client_id is required to use the Password Reset Post Challenge trigger. */
client_id?: string;
/** (Optional) Organization ID – the ID of the Organization. If provided, organization parameters will be made available to the email template and organization branding will be applied to the prompt. In addition, the redirect link in the prompt will include organization_id and organization_name query string parameters. */
organization_id?: string;
/** Number of seconds for which the ticket is valid before expiration. If unspecified or set to 0, this value defaults to 432000 seconds (5 days). */
ttl_sec?: number;
/** Whether to include the email address as part of the returnUrl in the reset_email (true), or not (false). */
includeEmailInRedirect?: boolean;
identity?: Management.Identity;
}
/**
* @example
* {}
*/
export interface ChangePasswordTicketRequestContent {
/** URL the user will be redirected to in the classic Universal Login experience once the ticket is used. Cannot be specified when using client_id or organization_id. */
result_url?: string;
/** user_id of for whom the ticket should be created. */
user_id?: string;
/** ID of the client (application). If provided for tenants using the New Universal Login experience, the email template and UI displays application details, and the user is prompted to redirect to the application's default login route after the ticket is used. client_id is required to use the Password Reset Post Challenge trigger. */
client_id?: string;
/** (Optional) Organization ID – the ID of the Organization. If provided, organization parameters will be made available to the email template and organization branding will be applied to the prompt. In addition, the redirect link in the prompt will include organization_id and organization_name query string parameters. */
organization_id?: string;
/** ID of the connection. If provided, allows the user to be specified using email instead of user_id. If you set this value, you must also send the email parameter. You cannot send user_id when specifying a connection_id. */
connection_id?: string;
/** Email address of the user for whom the tickets should be created. Requires the connection_id parameter. Cannot be specified when using user_id. */
email?: string;
/** Number of seconds for which the ticket is valid before expiration. If unspecified or set to 0, this value defaults to 432000 seconds (5 days). */
ttl_sec?: number;
/** Whether to set the email_verified attribute to true (true) or whether it should not be updated (false). */
mark_email_as_verified?: boolean;
/** Whether to include the email address as part of the returnUrl in the reset_email (true), or not (false). */
includeEmailInRedirect?: boolean;
identity?: Management.ChangePasswordTicketIdentity;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface TokenExchangeProfilesListRequest {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* name: "name",
* subject_token_type: "subject_token_type",
* action_id: "action_id",
* type: "custom_authentication"
* }
*/
export interface CreateTokenExchangeProfileRequestContent {
/** Friendly name of this profile. */
name: string;
/** Subject token type for this profile. When receiving a token exchange request on the Authentication API, the corresponding token exchange profile with a matching subject_token_type will be executed. This must be a URI. */
subject_token_type: string;
/** The ID of the Custom Token Exchange action to execute for this profile, in order to validate the subject_token. The action must use the custom-token-exchange trigger. */
action_id: string;
type: Management.TokenExchangeProfileTypeEnum;
}
/**
* @example
* {}
*/
export interface UpdateTokenExchangeProfileRequestContent {
/** Friendly name of this profile. */
name?: string;
/** Subject token type for this profile. When receiving a token exchange request on the Authentication API, the corresponding token exchange profile with a matching subject_token_type will be executed. This must be a URI. */
subject_token_type?: string;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListUserAttributeProfileRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 5. */
take?: number | null;
}
/**
* @example
* {
* name: "name",
* user_attributes: {
* "key": {
* description: "description",
* label: "label",
* profile_required: true,
* auth0_mapping: "auth0_mapping"
* }
* }
* }
*/
export interface CreateUserAttributeProfileRequestContent {
name: Management.UserAttributeProfileName;
user_id?: Management.UserAttributeProfileUserId;
user_attributes: Management.UserAttributeProfileUserAttributes;
}
/**
* @example
* {}
*/
export interface UpdateUserAttributeProfileRequestContent {
name?: Management.UserAttributeProfileName;
user_id?: Management.UserAttributeProfilePatchUserId | undefined;
user_attributes?: Management.UserAttributeProfileUserAttributes;
}
/**
* @example
* {
* identifier: "identifier",
* consider_brute_force_enablement: true
* }
*/
export interface ListUserBlocksByIdentifierRequestParameters {
/** Should be any of a username, phone number, or email. */
identifier: string;
/**
* If true and Brute Force Protection is enabled and configured to block logins, will return a list of blocked IP addresses.
* If true and Brute Force Protection is disabled, will return an empty list.
*
*/
consider_brute_force_enablement?: boolean | null;
}
/**
* @example
* {
* identifier: "identifier"
* }
*/
export interface DeleteUserBlocksByIdentifierRequestParameters {
/** Should be any of a username, phone number, or email. */
identifier: string;
}
/**
* @example
* {
* consider_brute_force_enablement: true
* }
*/
export interface ListUserBlocksRequestParameters {
/**
* If true and Brute Force Protection is enabled and configured to block logins, will return a list of blocked IP addresses.
* If true and Brute Force Protection is disabled, will return an empty list.
*
*/
consider_brute_force_enablement?: boolean | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true,
* sort: "sort",
* connection: "connection",
* fields: "fields",
* include_fields: true,
* q: "q",
* search_engine: "v1",
* primary_order: true
* }
*/
export interface ListUsersRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Field to sort by. Use field:order where order is 1 for ascending and -1 for descending. e.g. created_at:1 */
sort?: string | null;
/** Connection filter. Only applies when using search_engine=v1. To filter by connection with search_engine=v2|v3, use q=identities.connection:"connection_name" */
connection?: string | null;
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
/** Query in Lucene query string syntax. Some query types cannot be used on metadata fields, for details see Searchable Fields. */
q?: string | null;
/** The version of the search engine */
search_engine?: Management.SearchEngineVersionsEnum | null;
/** If true (default), results are returned in a deterministic order. If false, results may be returned in a non-deterministic order, which can enhance performance for complex queries targeting a small number of users. Set to false only when consistent ordering and pagination is not required. */
primary_order?: boolean | null;
}
/**
* @example
* {
* connection: "connection"
* }
*/
export interface CreateUserRequestContent {
/** The user's email. */
email?: string;
/** The user's phone number (following the E.164 recommendation). */
phone_number?: string;
user_metadata?: Management.UserMetadata;
/** Whether this user was blocked by an administrator (true) or not (false). */
blocked?: boolean;
/** Whether this email address is verified (true) or unverified (false). User will receive a verification email after creation if `email_verified` is false or not specified */
email_verified?: boolean;
/** Whether this phone number has been verified (true) or not (false). */
phone_verified?: boolean;
app_metadata?: Management.AppMetadata;
/** The user's given name(s). */
given_name?: string;
/** The user's family name(s). */
family_name?: string;
/** The user's full name. */
name?: string;
/** The user's nickname. */
nickname?: string;
/** A URI pointing to the user's picture. */
picture?: string;
/** The external user's id provided by the identity provider. */
user_id?: string;
/** Name of the connection this user should be created in. */
connection: string;
/** Initial password for this user. Only valid for auth0 connection strategy. */
password?: string;
/** Whether the user will receive a verification email after creation (true) or no email (false). Overrides behavior of `email_verified` parameter. */
verify_email?: boolean;
/** The user's username. Only valid if the connection requires a username. */
username?: string;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true,
* email: "email"
* }
*/
export interface ListUsersByEmailRequestParameters {
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). Defaults to true. */
include_fields?: boolean | null;
/** Email address to search for (case-sensitive). */
email: string;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true
* }
*/
export interface GetUserRequestParameters {
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateUserRequestContent {
/** Whether this user was blocked by an administrator (true) or not (false). */
blocked?: boolean;
/** Whether this email address is verified (true) or unverified (false). If set to false the user will not receive a verification email unless `verify_email` is set to true. */
email_verified?: boolean;
/** Email address of this user. */
email?: string | null;
/** The user's phone number (following the E.164 recommendation). */
phone_number?: string | null;
/** Whether this phone number has been verified (true) or not (false). */
phone_verified?: boolean;
/** User metadata to which this user has read/write access. */
user_metadata?: Management.UserMetadata;
/** User metadata to which this user has read-only access. */
app_metadata?: Management.AppMetadata;
/** Given name/first name/forename of this user. */
given_name?: string | null;
/** Family name/last name/surname of this user. */
family_name?: string | null;
/** Name of this user. */
name?: string | null;
/** Preferred nickname or alias of this user. */
nickname?: string | null;
/** URL to picture, photo, or avatar of this user. */
picture?: string | null;
/** Whether this user will receive a verification email after creation (true) or no email (false). Overrides behavior of `email_verified` parameter. */
verify_email?: boolean;
/** Whether this user will receive a text after changing the phone number (true) or no text (false). Only valid when changing phone number for SMS connections. */
verify_phone_number?: boolean;
/** New password for this user. Only valid for database connections. */
password?: string | null;
/** Name of the connection to target for this user update. */
connection?: string;
/** Auth0 client ID. Only valid when updating email address. */
client_id?: string;
/** The user's username. Only valid if the connection requires a username. */
username?: string | null;
}
/**
* @example
* {}
*/
export interface RevokeUserAccessRequestContent {
/** ID of the session to revoke. */
session_id?: string;
/** Whether to preserve the refresh tokens associated with the session. */
preserve_refresh_tokens?: boolean;
}
/**
* @example
* {
* page: 1,
* per_page: 1
* }
*/
export interface ListActionVersionsRequestParameters {
/** Use this field to request a specific page of the list results. */
page?: number | null;
/** This field specify the maximum number of results to be returned by the server. 20 by default */
per_page?: number | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1
* }
*/
export interface GetActionModulesRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Paging is disabled if parameter not sent. */
per_page?: number | null;
}
/**
* @example
* {
* name: "name",
* code: "code"
* }
*/
export interface CreateActionModuleRequestContent {
/** The name of the action module. */
name: string;
/** The source code of the action module. */
code: string;
/** The secrets to associate with the action module. */
secrets?: Management.ActionModuleSecretRequest[];
/** The npm dependencies of the action module. */
dependencies?: Management.ActionModuleDependencyRequest[];
/** The API version of the module. */
api_version?: string;
/** Whether to publish the module immediately after creation. */
publish?: boolean;
}
/**
* @example
* {}
*/
export interface UpdateActionModuleRequestContent {
/** The source code of the action module. */
code?: string;
/** The secrets to associate with the action module. */
secrets?: Management.ActionModuleSecretRequest[];
/** The npm dependencies of the action module. */
dependencies?: Management.ActionModuleDependencyRequest[];
}
/**
* @example
* {
* page: 1,
* per_page: 1
* }
*/
export interface GetActionModuleActionsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. */
per_page?: number | null;
}
/**
* @example
* {
* module_version_id: "module_version_id"
* }
*/
export interface RollbackActionModuleRequestParameters {
/** The unique ID of the module version to roll back to. */
module_version_id: string;
}
/**
* @example
* {
* page: 1,
* per_page: 1
* }
*/
export interface GetActionModuleVersionsRequestParameters {
/** Use this field to request a specific page of the list results. */
page?: number | null;
/** The maximum number of results to be returned by the server in a single response. 20 by default. */
per_page?: number | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1
* }
*/
export interface ListActionTriggerBindingsRequestParameters {
/** Use this field to request a specific page of the list results. */
page?: number | null;
/** The maximum number of results to be returned in a single request. 20 by default */
per_page?: number | null;
}
/**
* @example
* {}
*/
export interface UpdateActionBindingsRequestContent {
/** The actions that will be bound to this trigger. The order in which they are included will be the order in which they are executed. */
bindings?: Management.ActionBindingWithRef[];
}
/**
* @example
* {}
*/
export interface UpdateBotDetectionSettingsRequestContent {
bot_detection_level?: Management.BotDetectionLevelEnum;
challenge_password_policy?: Management.BotDetectionChallengePolicyPasswordFlowEnum;
challenge_passwordless_policy?: Management.BotDetectionChallengePolicyPasswordlessFlowEnum;
challenge_password_reset_policy?: Management.BotDetectionChallengePolicyPasswordResetFlowEnum;
allowlist?: Management.BotDetectionAllowlist;
monitoring_mode_enabled?: Management.BotDetectionMonitoringModeEnabled;
}
/**
* @example
* {}
*/
export interface UpdateBreachedPasswordDetectionSettingsRequestContent {
/** Whether or not breached password detection is active. */
enabled?: boolean;
/**
* Action to take when a breached password is detected during a login.
* Possible values: block, user_notification, admin_notification.
*/
shields?: Management.BreachedPasswordDetectionShieldsEnum[];
/**
* When "admin_notification" is enabled, determines how often email notifications are sent.
* Possible values: immediately, daily, weekly, monthly.
*/
admin_notification_frequency?: Management.BreachedPasswordDetectionAdminNotificationFrequencyEnum[];
method?: Management.BreachedPasswordDetectionMethodEnum;
stage?: Management.BreachedPasswordDetectionStage;
}
/**
* @example
* {}
*/
export interface UpdateBruteForceSettingsRequestContent {
/** Whether or not brute force attack protections are active. */
enabled?: boolean;
/**
* Action to take when a brute force protection threshold is violated.
* Possible values: block, user_notification.
*/
shields?: Management.BruteForceProtectionShieldsEnum[];
/** List of trusted IP addresses that will not have attack protection enforced against them. */
allowlist?: string[];
mode?: Management.BruteForceProtectionModeEnum;
/** Maximum number of unsuccessful attempts. */
max_attempts?: number;
}
/**
* @example
* {}
*/
export interface UpdateAttackProtectionCaptchaRequestContent {
active_provider_id?: Management.AttackProtectionCaptchaProviderId;
arkose?: Management.AttackProtectionUpdateCaptchaArkose;
auth_challenge?: Management.AttackProtectionCaptchaAuthChallengeRequest;
hcaptcha?: Management.AttackProtectionUpdateCaptchaHcaptcha;
friendly_captcha?: Management.AttackProtectionUpdateCaptchaFriendlyCaptcha;
recaptcha_enterprise?: Management.AttackProtectionUpdateCaptchaRecaptchaEnterprise;
recaptcha_v2?: Management.AttackProtectionUpdateCaptchaRecaptchaV2;
simple_captcha?: Management.AttackProtectionCaptchaSimpleCaptchaResponseContent;
}
/**
* @example
* {}
*/
export interface UpdateSuspiciousIpThrottlingSettingsRequestContent {
/** Whether or not suspicious IP throttling attack protections are active. */
enabled?: boolean;
/**
* Action to take when a suspicious IP throttling threshold is violated.
* Possible values: block, admin_notification.
*/
shields?: Management.SuspiciousIpThrottlingShieldsEnum[];
allowlist?: Management.SuspiciousIpThrottlingAllowlist;
stage?: Management.SuspiciousIpThrottlingStage;
}
/**
* @example
* {
* borders: {
* button_border_radius: 1.1,
* button_border_weight: 1.1,
* buttons_style: "pill",
* input_border_radius: 1.1,
* input_border_weight: 1.1,
* inputs_style: "pill",
* show_widget_shadow: true,
* widget_border_weight: 1.1,
* widget_corner_radius: 1.1
* },
* colors: {
* body_text: "body_text",
* error: "error",
* header: "header",
* icons: "icons",
* input_background: "input_background",
* input_border: "input_border",
* input_filled_text: "input_filled_text",
* input_labels_placeholders: "input_labels_placeholders",
* links_focused_components: "links_focused_components",
* primary_button: "primary_button",
* primary_button_label: "primary_button_label",
* secondary_button_border: "secondary_button_border",
* secondary_button_label: "secondary_button_label",
* success: "success",
* widget_background: "widget_background",
* widget_border: "widget_border"
* },
* fonts: {
* body_text: {
* bold: true,
* size: 1.1
* },
* buttons_text: {
* bold: true,
* size: 1.1
* },
* font_url: "font_url",
* input_labels: {
* bold: true,
* size: 1.1
* },
* links: {
* bold: true,
* size: 1.1
* },
* links_style: "normal",
* reference_text_size: 1.1,
* subtitle: {
* bold: true,
* size: 1.1
* },
* title: {
* bold: true,
* size: 1.1
* }
* },
* page_background: {
* background_color: "background_color",
* background_image_url: "background_image_url",
* page_layout: "center"
* },
* widget: {
* header_text_alignment: "center",
* logo_height: 1.1,
* logo_position: "center",
* logo_url: "logo_url",
* social_buttons_layout: "bottom"
* }
* }
*/
export interface CreateBrandingThemeRequestContent {
borders: Management.BrandingThemeBorders;
colors: Management.BrandingThemeColors;
/** Display Name */
displayName?: string;
fonts: Management.BrandingThemeFonts;
page_background: Management.BrandingThemePageBackground;
widget: Management.BrandingThemeWidget;
}
/**
* @example
* {
* borders: {
* button_border_radius: 1.1,
* button_border_weight: 1.1,
* buttons_style: "pill",
* input_border_radius: 1.1,
* input_border_weight: 1.1,
* inputs_style: "pill",
* show_widget_shadow: true,
* widget_border_weight: 1.1,
* widget_corner_radius: 1.1
* },
* colors: {
* body_text: "body_text",
* error: "error",
* header: "header",
* icons: "icons",
* input_background: "input_background",
* input_border: "input_border",
* input_filled_text: "input_filled_text",
* input_labels_placeholders: "input_labels_placeholders",
* links_focused_components: "links_focused_components",
* primary_button: "primary_button",
* primary_button_label: "primary_button_label",
* secondary_button_border: "secondary_button_border",
* secondary_button_label: "secondary_button_label",
* success: "success",
* widget_background: "widget_background",
* widget_border: "widget_border"
* },
* fonts: {
* body_text: {
* bold: true,
* size: 1.1
* },
* buttons_text: {
* bold: true,
* size: 1.1
* },
* font_url: "font_url",
* input_labels: {
* bold: true,
* size: 1.1
* },
* links: {
* bold: true,
* size: 1.1
* },
* links_style: "normal",
* reference_text_size: 1.1,
* subtitle: {
* bold: true,
* size: 1.1
* },
* title: {
* bold: true,
* size: 1.1
* }
* },
* page_background: {
* background_color: "background_color",
* background_image_url: "background_image_url",
* page_layout: "center"
* },
* widget: {
* header_text_alignment: "center",
* logo_height: 1.1,
* logo_position: "center",
* logo_url: "logo_url",
* social_buttons_layout: "bottom"
* }
* }
*/
export interface UpdateBrandingThemeRequestContent {
borders: Management.BrandingThemeBorders;
colors: Management.BrandingThemeColors;
/** Display Name */
displayName?: string;
fonts: Management.BrandingThemeFonts;
page_background: Management.BrandingThemePageBackground;
widget: Management.BrandingThemeWidget;
}
/**
* @example
* {
* disabled: true
* }
*/
export interface ListBrandingPhoneProvidersRequestParameters {
/** Whether the provider is enabled (false) or disabled (true). */
disabled?: boolean | null;
}
/**
* @example
* {
* name: "twilio",
* credentials: {
* auth_token: "auth_token"
* }
* }
*/
export interface CreateBrandingPhoneProviderRequestContent {
name: Management.PhoneProviderNameEnum;
/** Whether the provider is enabled (false) or disabled (true). */
disabled?: boolean;
configuration?: Management.PhoneProviderConfiguration;
credentials: Management.PhoneProviderCredentials;
}
/**
* @example
* {}
*/
export interface UpdateBrandingPhoneProviderRequestContent {
name?: Management.PhoneProviderNameEnum;
/** Whether the provider is enabled (false) or disabled (true). */
disabled?: boolean;
credentials?: Management.PhoneProviderCredentials;
configuration?: Management.PhoneProviderConfiguration;
}
/**
* @example
* {
* to: "to"
* }
*/
export interface CreatePhoneProviderSendTestRequestContent {
/** The recipient phone number to receive a given notification. */
to: string;
delivery_method?: Management.PhoneProviderDeliveryMethodEnum;
}
/**
* @example
* {
* disabled: true
* }
*/
export interface ListPhoneTemplatesRequestParameters {
/** Whether the template is enabled (false) or disabled (true). */
disabled?: boolean | null;
}
/**
* @example
* {}
*/
export interface CreatePhoneTemplateRequestContent {
type?: Management.PhoneTemplateNotificationTypeEnum;
/** Whether the template is enabled (false) or disabled (true). */
disabled?: boolean;
content?: Management.PhoneTemplateContent;
}
/**
* @example
* {}
*/
export interface UpdatePhoneTemplateRequestContent {
content?: Management.PartialPhoneTemplateContent;
/** Whether the template is enabled (false) or disabled (true). */
disabled?: boolean;
}
/**
* @example
* {
* to: "to"
* }
*/
export interface CreatePhoneTemplateTestNotificationRequestContent {
/** Destination of the testing phone notification */
to: string;
/** Medium to use to send the notification */
delivery_method?: Management.PhoneProviderDeliveryMethodEnum;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListClientGrantOrganizationsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* credential_type: "public_key"
* }
*/
export interface PostClientCredentialRequestContent {
credential_type: Management.ClientCredentialTypeEnum;
/** Friendly name for a credential. */
name?: string;
/** Subject Distinguished Name. Mutually exclusive with `pem` property. Applies to `cert_subject_dn` credential type. */
subject_dn?: string;
/** PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped. */
pem?: string;
alg?: Management.PublicKeyCredentialAlgorithmEnum;
/** Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. Applies to `public_key` credential type. */
parse_expiry_from_cert?: boolean;
/** The ISO 8601 formatted date representing the expiration of the credential. If not specified (not recommended), the credential never expires. Applies to `public_key` credential type. */
expires_at?: string;
/** Optional kid (Key ID), used to uniquely identify the credential. If not specified, a kid value will be auto-generated. The kid header parameter in JWTs sent by your client should match this value. Valid format is [0-9a-zA-Z-_]{10,64} */
kid?: string;
}
/**
* @example
* {}
*/
export interface PatchClientCredentialRequestContent {
/** The ISO 8601 formatted date representing the expiration of the credential. */
expires_at?: string | null;
}
/**
* @example
* {
* from: "from",
* take: 1,
* fields: "fields",
* include_fields: true
* }
*/
export interface ConnectionsGetRequest {
/** Provide strategies to only retrieve connections with such strategies */
strategy?: (Management.ConnectionStrategyEnum | null) | (Management.ConnectionStrategyEnum | null)[];
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
/** A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields */
fields?: string | null;
/** true if the fields specified are to be included in the result, false otherwise (defaults to true) */
include_fields?: boolean | null;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListDirectoryProvisioningsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListSynchronizedGroupsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* groups: [{
* id: "id"
* }]
* }
*/
export interface ReplaceSynchronizedGroupsRequestContent {
/** Array of Google Workspace Directory group objects to synchronize. */
groups: Management.SynchronizedGroupPayload[];
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListScimConfigurationsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* user_id_attribute: "user_id_attribute",
* mapping: [{}]
* }
*/
export interface UpdateScimConfigurationRequestContent {
/** User ID attribute for generating unique user ids */
user_id_attribute: string;
/** The mapping between auth0 and SCIM */
mapping: Management.ScimMappingItem[];
}
/**
* @example
* {
* take: 1,
* from: "from"
* }
*/
export interface GetConnectionEnabledClientsRequestParameters {
/** Number of results per page. Defaults to 50. */
take?: number | null;
/** Optional Id from which to start selection. */
from?: string | null;
}
/**
* @example
* {
* email: "email"
* }
*/
export interface DeleteConnectionUsersByEmailQueryParameters {
/** The email of the user to delete */
email: string;
}
/**
* @example
* {}
*/
export interface CreateScimTokenRequestContent {
/** The scopes of the scim token */
scopes?: string[];
/** Lifetime of the token in seconds. Must be greater than 900 */
token_lifetime?: number | null;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true
* }
*/
export interface GetEmailProviderRequestParameters {
/** Comma-separated list of fields to include or exclude (dependent upon include_fields) from the result. Leave empty to retrieve `name` and `enabled`. Additional fields available include `credentials`, `default_from_address`, and `settings`. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {
* name: "mailgun",
* credentials: {
* api_key: "api_key"
* }
* }
*/
export interface CreateEmailProviderRequestContent {
name: Management.EmailProviderNameEnum;
/** Whether the provider is enabled (true) or disabled (false). */
enabled?: boolean;
/** Email address to use as "from" when no other address specified. */
default_from_address?: string;
credentials: Management.EmailProviderCredentialsSchema;
settings?: (Management.EmailSpecificProviderSettingsWithAdditionalProperties | undefined) | null;
}
/**
* @example
* {}
*/
export interface UpdateEmailProviderRequestContent {
name?: Management.EmailProviderNameEnum;
/** Whether the provider is enabled (true) or disabled (false). */
enabled?: boolean;
/** Email address to use as "from" when no other address specified. */
default_from_address?: string;
credentials?: Management.EmailProviderCredentialsSchema;
settings?: (Management.EmailSpecificProviderSettingsWithAdditionalProperties | undefined) | null;
}
/**
* @example
* {
* statuses: "statuses",
* event_types: "event_types",
* date_from: "date_from",
* date_to: "date_to",
* from: "from",
* take: 1
* }
*/
export interface ListEventStreamDeliveriesRequestParameters {
/** Comma-separated list of statuses by which to filter */
statuses?: string | null;
/** Comma-separated list of event types by which to filter */
event_types?: string | null;
/** An RFC-3339 date-time for redelivery start, inclusive. Does not allow sub-second precision. */
date_from?: string | null;
/** An RFC-3339 date-time for redelivery end, exclusive. Does not allow sub-second precision. */
date_to?: string | null;
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {}
*/
export interface CreateEventStreamRedeliveryRequestContent {
/** An RFC-3339 date-time for redelivery start, inclusive. Does not allow sub-second precision. */
date_from?: string;
/** An RFC-3339 date-time for redelivery end, exclusive. Does not allow sub-second precision. */
date_to?: string;
/** Filter by status */
statuses?: Management.EventStreamDeliveryStatusEnum[];
/** Filter by event type */
event_types?: Management.EventStreamEventTypeEnum[];
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListFlowExecutionsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {}
*/
export interface GetFlowExecutionRequestParameters {
/** Hydration param */
hydrate?: (Management.GetFlowExecutionRequestParametersHydrateEnum | null) | (Management.GetFlowExecutionRequestParametersHydrateEnum | null)[];
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListFlowsVaultConnectionsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateFlowsVaultConnectionRequestContent {
/** Flows Vault Connection name. */
name?: string;
setup?: Management.UpdateFlowsVaultConnectionSetup;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true,
* from: "from",
* take: 1
* }
*/
export interface GetGroupMembersRequestParameters {
/** A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* user_id: "user_id"
* }
*/
export interface CreateGuardianEnrollmentTicketRequestContent {
/** user_id for the enrollment ticket */
user_id: string;
/** alternate email to which the enrollment email will be sent. Optional - by default, the email will be sent to the user's default address */
email?: string;
/** Send an email to the user to start the enrollment */
send_mail?: boolean;
/** Optional. Specify the locale of the enrollment email. Used with send_email. */
email_locale?: string;
factor?: Management.GuardianEnrollmentFactorEnum;
/** Optional. Allows a user who has previously enrolled in MFA to enroll with additional factors.
Note: Parameter can only be used with Universal Login; it cannot be used with Classic Login or custom MFA pages. */
allow_multiple_enrollments?: boolean;
}
/**
* @example
* {
* enabled: true
* }
*/
export interface SetGuardianFactorRequestContent {
/** Whether this factor is enabled (true) or disabled (false). */
enabled: boolean;
}
/**
* @example
* {
* message_types: ["sms"]
* }
*/
export interface SetGuardianFactorPhoneMessageTypesRequestContent {
/** The list of phone factors to enable on the tenant. Can include `sms` and `voice`. */
message_types: Management.GuardianFactorPhoneFactorMessageTypeEnum[];
}
/**
* @example
* {}
*/
export interface SetGuardianFactorsProviderPhoneTwilioRequestContent {
/** From number */
from?: string | null;
/** Copilot SID */
messaging_service_sid?: string | null;
/** Twilio Authentication token */
auth_token?: string | null;
/** Twilio SID */
sid?: string | null;
}
/**
* @example
* {
* provider: "auth0"
* }
*/
export interface SetGuardianFactorsProviderPhoneRequestContent {
provider: Management.GuardianFactorsProviderSmsProviderEnum;
}
/**
* @example
* {
* enrollment_message: "enrollment_message",
* verification_message: "verification_message"
* }
*/
export interface SetGuardianFactorPhoneTemplatesRequestContent {
/** Message sent to the user when they are invited to enroll with a phone number. */
enrollment_message: string;
/** Message sent to the user when they are prompted to verify their account. */
verification_message: string;
}
/**
* @example
* {}
*/
export interface SetGuardianFactorsProviderPushNotificationApnsRequestContent {
sandbox?: boolean;
bundle_id?: string | null;
p12?: string | null;
}
/**
* @example
* {}
*/
export interface UpdateGuardianFactorsProviderPushNotificationApnsRequestContent {
sandbox?: boolean;
bundle_id?: string | null;
p12?: string | null;
}
/**
* @example
* {}
*/
export interface SetGuardianFactorsProviderPushNotificationFcmRequestContent {
server_key?: string | null;
}
/**
* @example
* {}
*/
export interface UpdateGuardianFactorsProviderPushNotificationFcmRequestContent {
server_key?: string | null;
}
/**
* @example
* {}
*/
export interface SetGuardianFactorsProviderPushNotificationFcmv1RequestContent {
server_credentials?: string | null;
}
/**
* @example
* {}
*/
export interface UpdateGuardianFactorsProviderPushNotificationFcmv1RequestContent {
server_credentials?: string | null;
}
/**
* @example
* {}
*/
export interface SetGuardianFactorsProviderPushNotificationSnsRequestContent {
aws_access_key_id?: string | null;
aws_secret_access_key?: string | null;
aws_region?: string | null;
sns_apns_platform_application_arn?: string | null;
sns_gcm_platform_application_arn?: string | null;
}
/**
* @example
* {}
*/
export interface UpdateGuardianFactorsProviderPushNotificationSnsRequestContent {
aws_access_key_id?: string | null;
aws_secret_access_key?: string | null;
aws_region?: string | null;
sns_apns_platform_application_arn?: string | null;
sns_gcm_platform_application_arn?: string | null;
}
/**
* @example
* {
* provider: "guardian"
* }
*/
export interface SetGuardianFactorsProviderPushNotificationRequestContent {
provider: Management.GuardianFactorsProviderPushNotificationProviderDataEnum;
}
/**
* @example
* {}
*/
export interface SetGuardianFactorsProviderSmsTwilioRequestContent {
/** From number */
from?: string | null;
/** Copilot SID */
messaging_service_sid?: string | null;
/** Twilio Authentication token */
auth_token?: string | null;
/** Twilio SID */
sid?: string | null;
}
/**
* @example
* {
* provider: "auth0"
* }
*/
export interface SetGuardianFactorsProviderSmsRequestContent {
provider: Management.GuardianFactorsProviderSmsProviderEnum;
}
/**
* @example
* {
* enrollment_message: "enrollment_message",
* verification_message: "verification_message"
* }
*/
export interface SetGuardianFactorSmsTemplatesRequestContent {
/** Message sent to the user when they are invited to enroll with a phone number. */
enrollment_message: string;
/** Message sent to the user when they are prompted to verify their account. */
verification_message: string;
}
/**
* @example
* {}
*/
export interface SetGuardianFactorDuoSettingsRequestContent {
ikey?: string;
skey?: string;
host?: string;
}
/**
* @example
* {}
*/
export interface UpdateGuardianFactorDuoSettingsRequestContent {
ikey?: string;
skey?: string;
host?: string;
}
/**
* @example
* {}
*/
export interface CreateExportUsersRequestContent {
/** connection_id of the connection from which users will be exported. */
connection_id?: string;
format?: Management.JobFileFormatEnum;
/** Limit the number of records. */
limit?: number;
/** List of fields to be included in the CSV. Defaults to a predefined set of fields. */
fields?: Management.CreateExportUsersFields[];
}
/**
* @example
* {
* users: fs.createReadStream("/path/to/your/file"),
* connection_id: "connection_id"
* }
*/
export interface CreateImportUsersRequestContent {
users: core.file.Uploadable;
/** connection_id of the connection to which users will be imported. */
connection_id: string;
/** Whether to update users if they already exist (true) or to ignore them (false). */
upsert?: boolean;
/** Customer-defined ID. */
external_id?: string;
/** Whether to send a completion email to all tenant owners when the job is finished (true) or not (false). */
send_completion_email?: boolean;
}
/**
* @example
* {
* user_id: "user_id"
* }
*/
export interface CreateVerificationEmailRequestContent {
/** user_id of the user to send the verification email to. */
user_id: string;
/** client_id of the client (application). If no value provided, the global Client ID will be used. */
client_id?: string;
identity?: Management.Identity;
/** (Optional) Organization ID – the ID of the Organization. If provided, organization parameters will be made available to the email template and organization branding will be applied to the prompt. In addition, the redirect link in the prompt will include organization_id and organization_name query string parameters. */
organization_id?: string;
}
/**
* @example
* {
* keys: [{
* kty: "EC"
* }]
* }
*/
export interface SetCustomSigningKeysRequestContent {
/** An array of custom public signing keys. */
keys: Management.CustomSigningKeyJwk[];
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListEncryptionKeysRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Default value is 50, maximum value is 100. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* type: "customer-provided-root-key"
* }
*/
export interface CreateEncryptionKeyRequestContent {
type: Management.CreateEncryptionKeyType;
}
/**
* @example
* {
* wrapped_key: "wrapped_key"
* }
*/
export interface ImportEncryptionKeyRequestContent {
/** Base64 encoded ciphertext of key material wrapped by public wrapping key. */
wrapped_key: string;
}
/**
* @example
* {
* audience: "audience",
* client_id: "client_id",
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListOrganizationClientGrantsRequestParameters {
/** Optional filter on audience of the client grant. */
audience?: string | null;
/** Optional filter on client_id of the client grant. */
client_id?: string | null;
/** Optional filter on the ID of the client grant. Must be URL encoded and may be specified multiple times (max 10).
e.g. ../client-grants?grant_ids=id1&grant_ids=id2 */
grant_ids?: (string | null) | (string | null)[];
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* grant_id: "grant_id"
* }
*/
export interface AssociateOrganizationClientGrantRequestContent {
/** A Client Grant ID to add to the organization. */
grant_id: string;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true,
* is_enabled: true
* }
*/
export interface ListOrganizationAllConnectionsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Filter connections by enabled status. */
is_enabled?: boolean | null;
}
/**
* @example
* {
* connection_id: "connection_id"
* }
*/
export interface CreateOrganizationAllConnectionRequestParameters {
/** Name of the connection in the scope of this organization. */
organization_connection_name?: string;
/** When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection. */
assign_membership_on_login?: boolean;
/** Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true. */
show_as_button?: boolean;
/** Determines whether organization signup should be enabled for this organization connection. Only applicable for database connections. Default: false. */
is_signup_enabled?: boolean;
organization_access_level?: Management.OrganizationAccessLevelEnum;
/** Whether the connection is enabled for the organization. */
is_enabled?: boolean;
/** Connection identifier. */
connection_id: string;
}
/**
* @example
* {}
*/
export interface UpdateOrganizationConnectionRequestParameters {
/** Name of the connection in the scope of this organization. */
organization_connection_name?: string | null;
/** When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection. */
assign_membership_on_login?: boolean;
/** Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true. */
show_as_button?: boolean;
/** Determines whether organization signup should be enabled for this organization connection. Only applicable for database connections. Default: false. */
is_signup_enabled?: boolean;
organization_access_level?: Management.OrganizationAccessLevelEnumWithNull | null;
/** Whether the connection is enabled for the organization. */
is_enabled?: boolean | null;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListOrganizationDiscoveryDomainsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* domain: "domain"
* }
*/
export interface CreateOrganizationDiscoveryDomainRequestContent {
/** The domain name to associate with the organization e.g. acme.com. */
domain: string;
status?: Management.OrganizationDiscoveryDomainStatus;
/** Indicates whether this domain should be used for organization discovery. */
use_for_organization_discovery?: boolean;
}
/**
* @example
* {}
*/
export interface UpdateOrganizationDiscoveryDomainRequestContent {
status?: Management.OrganizationDiscoveryDomainStatus;
/** Indicates whether this domain should be used for organization discovery. */
use_for_organization_discovery?: boolean;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListOrganizationConnectionsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* connection_id: "connection_id"
* }
*/
export interface AddOrganizationConnectionRequestContent {
/** Single connection ID to add to the organization. */
connection_id: string;
/** When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection. */
assign_membership_on_login?: boolean;
/** Determines whether organization signup should be enabled for this organization connection. Only applicable for database connections. Default: false. */
is_signup_enabled?: boolean;
/** Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true. */
show_as_button?: boolean;
}
/**
* @example
* {}
*/
export interface UpdateOrganizationConnectionRequestContent {
/** When true, all users that log in with this connection will be automatically granted membership in the organization. When false, users must be granted membership in the organization before logging in with this connection. */
assign_membership_on_login?: boolean;
/** Determines whether organization signup should be enabled for this organization connection. Only applicable for database connections. Default: false. */
is_signup_enabled?: boolean;
/** Determines whether a connection should be displayed on this organization’s login prompt. Only applicable for enterprise connections. Default: true. */
show_as_button?: boolean;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true,
* fields: "fields",
* include_fields: true,
* sort: "sort"
* }
*/
export interface ListOrganizationInvitationsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** When true, return results inside an object that also contains the start and limit. When false (default), a direct array of results is returned. We do not yet support returning the total invitations count. */
include_totals?: boolean | null;
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). Defaults to true. */
include_fields?: boolean | null;
/** Field to sort by. Use field:order where order is 1 for ascending and -1 for descending Defaults to created_at:-1. */
sort?: string | null;
}
/**
* @example
* {
* inviter: {
* name: "name"
* },
* invitee: {
* email: "email"
* },
* client_id: "client_id"
* }
*/
export interface CreateOrganizationInvitationRequestContent {
inviter: Management.OrganizationInvitationInviter;
invitee: Management.OrganizationInvitationInvitee;
/** Auth0 client ID. Used to resolve the application's login initiation endpoint. */
client_id: string;
/** The id of the connection to force invitee to authenticate with. */
connection_id?: string;
app_metadata?: Management.AppMetadata;
user_metadata?: Management.UserMetadata;
/** Number of seconds for which the invitation is valid before expiration. If unspecified or set to 0, this value defaults to 604800 seconds (7 days). Max value: 2592000 seconds (30 days). */
ttl_sec?: number;
/** List of roles IDs to associated with the user. */
roles?: string[];
/** Whether the user will receive an invitation email (true) or no email (false), true by default */
send_invitation_email?: boolean;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true
* }
*/
export interface GetOrganizationInvitationRequestParameters {
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). Defaults to true. */
include_fields?: boolean | null;
}
/**
* @example
* {
* from: "from",
* take: 1,
* fields: "fields",
* include_fields: true
* }
*/
export interface ListOrganizationMembersRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {
* members: ["members"]
* }
*/
export interface CreateOrganizationMemberRequestContent {
/** List of user IDs to add to the organization as members. */
members: string[];
}
/**
* @example
* {
* members: ["members"]
* }
*/
export interface DeleteOrganizationMembersRequestContent {
/** List of user IDs to remove from the organization. */
members: string[];
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListOrganizationMemberRolesRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* roles: ["roles"]
* }
*/
export interface AssignOrganizationMemberRolesRequestContent {
/** List of roles IDs to associated with the user. */
roles: string[];
}
/**
* @example
* {
* roles: ["roles"]
* }
*/
export interface DeleteOrganizationMemberRolesRequestContent {
/** List of roles IDs associated with the organization member to remove. */
roles: string[];
}
/**
* @example
* {
* fields: "fields",
* include_fields: true,
* page: 1,
* per_page: 1,
* include_totals: true,
* prompt: "prompt",
* screen: "screen",
* rendering_mode: "advanced"
* }
*/
export interface ListAculsRequestParameters {
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (default: true) or excluded (false). */
include_fields?: boolean | null;
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Maximum value is 100, default value is 50. */
per_page?: number | null;
/** Return results inside an object that contains the total configuration count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
/** Name of the prompt to filter by */
prompt?: string | null;
/** Name of the screen to filter by */
screen?: string | null;
/** Rendering mode to filter by */
rendering_mode?: Management.AculRenderingModeEnum | null;
}
/**
* @example
* {
* configs: [{
* prompt: "login",
* screen: "login"
* }]
* }
*/
export interface BulkUpdateAculRequestContent {
configs: Management.AculConfigs;
}
/**
* @example
* {}
*/
export interface UpdateAculRequestContent {
/** Rendering mode */
rendering_mode?: Management.AculRenderingModeEnum;
context_configuration?: (Management.AculContextConfiguration | undefined) | null;
/** Override Universal Login default head tags */
default_head_tags_disabled?: boolean | null;
/** Use page template with ACUL */
use_page_template?: boolean | null;
/** An array of head tags */
head_tags?: Management.AculHeadTag[] | null;
filters?: Management.AculFilters | null;
}
/**
* @example
* {
* enabled: true
* }
*/
export interface UpdateRiskAssessmentsSettingsRequestContent {
/** Whether or not risk assessment is enabled. */
enabled: boolean;
}
/**
* @example
* {
* remember_for: 1
* }
*/
export interface UpdateRiskAssessmentsSettingsNewDeviceRequestContent {
/** Length of time to remember devices for, in days. */
remember_for: number;
}
/**
* @example
* {
* per_page: 1,
* page: 1,
* include_totals: true
* }
*/
export interface ListRolePermissionsRequestParameters {
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* permissions: [{
* resource_server_identifier: "resource_server_identifier",
* permission_name: "permission_name"
* }]
* }
*/
export interface AddRolePermissionsRequestContent {
/** array of resource_server_identifier, permission_name pairs. */
permissions: Management.PermissionRequestPayload[];
}
/**
* @example
* {
* permissions: [{
* resource_server_identifier: "resource_server_identifier",
* permission_name: "permission_name"
* }]
* }
*/
export interface DeleteRolePermissionsRequestContent {
/** array of resource_server_identifier, permission_name pairs. */
permissions: Management.PermissionRequestPayload[];
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListRoleUsersRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* users: ["users"]
* }
*/
export interface AssignRoleUsersRequestContent {
/** user_id's of the users to assign the role to. */
users: string[];
}
/**
* @example
* {}
*/
export interface CreateSelfServiceProfileSsoTicketRequestContent {
/** If provided, this will allow editing of the provided connection during the SSO Flow */
connection_id?: string;
connection_config?: Management.SelfServiceProfileSsoTicketConnectionConfig;
/** List of client_ids that the connection will be enabled for. */
enabled_clients?: string[];
/** List of organizations that the connection will be enabled for. */
enabled_organizations?: Management.SelfServiceProfileSsoTicketEnabledOrganization[];
/** Number of seconds for which the ticket is valid before expiration. If unspecified or set to 0, this value defaults to 432000 seconds (5 days). */
ttl_sec?: number;
domain_aliases_config?: Management.SelfServiceProfileSsoTicketDomainAliasesConfig;
provisioning_config?: Management.SelfServiceProfileSsoTicketProvisioningConfig;
/** Indicates whether a verified domain should be used for organization discovery during authentication. */
use_for_organization_discovery?: boolean;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true
* }
*/
export interface GetTenantSettingsRequestParameters {
/** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
}
/**
* @example
* {}
*/
export interface UpdateTenantSettingsRequestContent {
change_password?: Management.TenantSettingsPasswordPage | null;
/** Device Flow configuration. */
device_flow?: Management.TenantSettingsDeviceFlow | null;
guardian_mfa_page?: Management.TenantSettingsGuardianPage | null;
/** Default audience for API Authorization. */
default_audience?: string;
/** Name of connection used for password grants at the `/token` endpoint. The following connection types are supported: LDAP, AD, Database Connections, Passwordless, Windows Azure Active Directory, ADFS. */
default_directory?: string;
error_page?: Management.TenantSettingsErrorPage | null;
default_token_quota?: Management.DefaultTokenQuota | null;
flags?: Management.TenantSettingsFlags;
/** Friendly name for this tenant. */
friendly_name?: string;
/** URL of logo to be shown for this tenant (recommended size: 150x150) */
picture_url?: string;
/** End-user support email. */
support_email?: string;
/** End-user support url. */
support_url?: string;
/** URLs that are valid to redirect to after logout from Auth0. */
allowed_logout_urls?: string[];
/** Number of hours a session will stay valid. */
session_lifetime?: number;
/** Number of hours for which a session can be inactive before the user must log in again. */
idle_session_lifetime?: number;
/** Number of hours an ephemeral (non-persistent) session will stay valid. */
ephemeral_session_lifetime?: number;
/** Number of hours for which an ephemeral (non-persistent) session can be inactive before the user must log in again. */
idle_ephemeral_session_lifetime?: number;
/** Selected sandbox version for the extensibility environment */
sandbox_version?: string;
/** Selected legacy sandbox version for the extensibility environment */
legacy_sandbox_version?: string;
/** The default absolute redirection uri, must be https */
default_redirection_uri?: string;
/** Supported locales for the user interface */
enabled_locales?: Management.TenantSettingsSupportedLocalesEnum[];
session_cookie?: Management.SessionCookieSchema | null;
sessions?: Management.TenantSettingsSessions | null;
oidc_logout?: Management.TenantOidcLogoutSettings;
/** Whether to enable flexible factors for MFA in the PostLogin action */
customize_mfa_in_postlogin_action?: boolean | null;
/** Whether to accept an organization name instead of an ID on auth endpoints */
allow_organization_name_in_authentication_api?: boolean | null;
/** Supported ACR values */
acr_values_supported?: string[] | null;
mtls?: Management.TenantSettingsMtls | null;
/** Enables the use of Pushed Authorization Requests */
pushed_authorization_requests_supported?: boolean | null;
/** Supports iss parameter in authorization responses */
authorization_response_iss_parameter_supported?: boolean | null;
/**
* Controls whether a confirmation prompt is shown during login flows when the redirect URI uses non-verifiable callback URIs (for example, a custom URI schema such as `myapp://`, or `localhost`).
* If set to true, a confirmation prompt will not be shown. We recommend that this is set to false for improved protection from malicious apps.
* See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
*/
skip_non_verifiable_callback_uri_confirmation_prompt?: boolean | null;
resource_parameter_profile?: Management.TenantSettingsResourceParameterProfile;
/** Whether the authorization server supports retrieving client metadata from a client_id URL. */
client_id_metadata_document_supported?: boolean;
/** Whether Auth0 Guide (AI-powered assistance) is enabled for this tenant. */
enable_ai_guide?: boolean;
/** Whether Phone Consolidated Experience is enabled for this tenant. */
phone_consolidated_experience?: boolean;
dynamic_client_registration_security_mode?: Management.TenantSettingsDynamicClientRegistrationSecurityMode;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListUserAuthenticationMethodsRequestParameters {
/** Page index of the results to return. First page is 0. Default is 0. */
page?: number | null;
/** Number of results per page. Default is 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* type: "phone"
* }
*/
export interface CreateUserAuthenticationMethodRequestContent {
type: Management.CreatedUserAuthenticationMethodTypeEnum;
/** A human-readable label to identify the authentication method. */
name?: string;
/** Base32 encoded secret for TOTP generation. */
totp_secret?: string;
/** Applies to phone authentication methods only. The destination phone number used to send verification codes via text and voice. */
phone_number?: string;
/** Applies to email authentication methods only. The email address used to send verification messages. */
email?: string;
preferred_authentication_method?: Management.PreferredAuthenticationMethodEnum;
/** Applies to webauthn authentication methods only. The id of the credential. */
key_id?: string;
/** Applies to webauthn authentication methods only. The public key, which is encoded as base64. */
public_key?: string;
/** Applies to webauthn authentication methods only. The relying party identifier. */
relying_party_identifier?: string;
}
/**
* @example
* {}
*/
export interface UpdateUserAuthenticationMethodRequestContent {
/** A human-readable label to identify the authentication method. */
name?: string;
/** Preferred phone authentication method */
preferred_authentication_method?: Management.PreferredAuthenticationMethodEnum;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface GetUserConnectedAccountsRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results to return. Defaults to 10 with a maximum of 20 */
take?: number | null;
}
/**
* @example
* {
* fields: "fields",
* include_fields: true,
* from: "from",
* take: 1
* }
*/
export interface GetUserGroupsRequestParameters {
/** A comma separated list of fields to include or exclude (depending on include_fields) from the result, empty to retrieve all fields */
fields?: string | null;
/** Whether specified fields are to be included (true) or excluded (false). */
include_fields?: boolean | null;
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {}
*/
export interface LinkUserIdentityRequestContent {
/** Identity provider of the secondary user account being linked. */
provider?: Management.UserIdentityProviderEnum;
/** connection_id of the secondary user account being linked when more than one `auth0` database provider exists. */
connection_id?: string;
user_id?: Management.UserId;
/** JWT for the secondary account being linked. If sending this parameter, `provider`, `user_id`, and `connection_id` must not be sent. */
link_with?: string;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* sort: "sort",
* include_totals: true
* }
*/
export interface ListUserLogsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Paging is disabled if parameter not sent. */
per_page?: number | null;
/** Field to sort by. Use `fieldname:1` for ascending order and `fieldname:-1` for descending. */
sort?: string | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* page: 1,
* per_page: 1,
* include_totals: true
* }
*/
export interface ListUserOrganizationsRequestParameters {
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Number of results per page. Defaults to 50. */
per_page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* per_page: 1,
* page: 1,
* include_totals: true
* }
*/
export interface ListUserPermissionsRequestParameters {
/** Number of results per page. */
per_page?: number | null;
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* permissions: [{
* resource_server_identifier: "resource_server_identifier",
* permission_name: "permission_name"
* }]
* }
*/
export interface CreateUserPermissionsRequestContent {
/** List of permissions to add to this user. */
permissions: Management.PermissionRequestPayload[];
}
/**
* @example
* {
* permissions: [{
* resource_server_identifier: "resource_server_identifier",
* permission_name: "permission_name"
* }]
* }
*/
export interface DeleteUserPermissionsRequestContent {
/** List of permissions to remove from this user. */
permissions: Management.PermissionRequestPayload[];
}
/**
* @example
* {
* connection: "connection",
* assessors: ["new-device"]
* }
*/
export interface ClearAssessorsRequestContent {
/** The name of the connection containing the user whose assessors should be cleared. */
connection: string;
/** List of assessors to clear. */
assessors: Management.AssessorsTypeEnum[];
}
/**
* @example
* {
* per_page: 1,
* page: 1,
* include_totals: true
* }
*/
export interface ListUserRolesRequestParameters {
/** Number of results per page. */
per_page?: number | null;
/** Page index of the results to return. First page is 0. */
page?: number | null;
/** Return results inside an object that contains the total result count (true) or as a direct array of results (false, default). */
include_totals?: boolean | null;
}
/**
* @example
* {
* roles: ["roles"]
* }
*/
export interface AssignUserRolesRequestContent {
/** List of roles IDs to associated with the user. */
roles: string[];
}
/**
* @example
* {
* roles: ["roles"]
* }
*/
export interface DeleteUserRolesRequestContent {
/** List of roles IDs to remove from the user. */
roles: string[];
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListRefreshTokensRequestParameters {
/** An optional cursor from which to start the selection (exclusive). */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListUserSessionsRequestParameters {
/** An optional cursor from which to start the selection (exclusive). */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* from: "from",
* take: 1
* }
*/
export interface ListVerifiableCredentialTemplatesRequestParameters {
/** Optional Id from which to start selection. */
from?: string | null;
/** Number of results per page. Defaults to 50. */
take?: number | null;
}
/**
* @example
* {
* name: "name",
* type: "type",
* dialect: "dialect",
* presentation: {
* "org.iso.18013.5.1.mDL": {
* "org.iso.18013.5.1": {}
* }
* },
* well_known_trusted_issuers: "well_known_trusted_issuers"
* }
*/
export interface CreateVerifiableCredentialTemplateRequestContent {
name: string;
type: string;
dialect: string;
presentation: Management.MdlPresentationRequest;
custom_certificate_authority?: string | null;
well_known_trusted_issuers: string;
}
/**
* @example
* {}
*/
export interface UpdateVerifiableCredentialTemplateRequestContent {
name?: string | null;
type?: string | null;
dialect?: string | null;
presentation?: Management.MdlPresentationRequest;
well_known_trusted_issuers?: string | null;
version?: number | null;
}