@leancodepl/kratos

/** * Ory APIs * # Introduction Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. ## SDKs This document describes the APIs available in the Ory Network. The APIs are available as SDKs for the following languages: | Language | Download SDK | Documentation | | -------------- | ---------------------------------------------------------------- | ------------------------------------------------------------------------------------ | | Dart | [pub.dev](https://pub.dev/packages/ory_client) | [README](https://github.com/ory/sdk/blob/master/clients/client/dart/README.md) | | .NET | [nuget.org](https://www.nuget.org/packages/Ory.Client/) | [README](https://github.com/ory/sdk/blob/master/clients/client/dotnet/README.md) | | Elixir | [hex.pm](https://hex.pm/packages/ory_client) | [README](https://github.com/ory/sdk/blob/master/clients/client/elixir/README.md) | | Go | [github.com](https://github.com/ory/client-go) | [README](https://github.com/ory/sdk/blob/master/clients/client/go/README.md) | | Java | [maven.org](https://search.maven.org/artifact/sh.ory/ory-client) | [README](https://github.com/ory/sdk/blob/master/clients/client/java/README.md) | | JavaScript | [npmjs.com](https://www.npmjs.com/package/@ory/client) | [README](https://github.com/ory/sdk/blob/master/clients/client/typescript/README.md) | | JavaScript (With fetch) | [npmjs.com](https://www.npmjs.com/package/@ory/client-fetch) | [README](https://github.com/ory/sdk/blob/master/clients/client/typescript-fetch/README.md) | | PHP | [packagist.org](https://packagist.org/packages/ory/client) | [README](https://github.com/ory/sdk/blob/master/clients/client/php/README.md) | | Python | [pypi.org](https://pypi.org/project/ory-client/) | [README](https://github.com/ory/sdk/blob/master/clients/client/python/README.md) | | Ruby | [rubygems.org](https://rubygems.org/gems/ory-client) | [README](https://github.com/ory/sdk/blob/master/clients/client/ruby/README.md) | | Rust | [crates.io](https://crates.io/crates/ory-client) | [README](https://github.com/ory/sdk/blob/master/clients/client/rust/README.md) | * * The version of the OpenAPI document: v1.20.10 * Contact: support@ory.sh * * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). * https://openapi-generator.tech * Do not edit the class manually. */ import * as runtime from '../runtime'; import type { AcceptOAuth2ConsentRequest, AcceptOAuth2LoginRequest, ErrorOAuth2, IntrospectedOAuth2Token, JsonPatch, OAuth2Client, OAuth2ClientTokenLifespans, OAuth2ConsentRequest, OAuth2ConsentSession, OAuth2LoginRequest, OAuth2LogoutRequest, OAuth2RedirectTo, OAuth2TokenExchange, RejectOAuth2Request, TrustOAuth2JwtGrantIssuer, TrustedOAuth2JwtGrantIssuer } from '../models/index'; export interface AcceptOAuth2ConsentRequestRequest { consentChallenge: string; acceptOAuth2ConsentRequest?: AcceptOAuth2ConsentRequest; } export interface AcceptOAuth2LoginRequestRequest { loginChallenge: string; acceptOAuth2LoginRequest?: AcceptOAuth2LoginRequest; } export interface AcceptOAuth2LogoutRequestRequest { logoutChallenge: string; } export interface CreateOAuth2ClientRequest { oAuth2Client: OAuth2Client; } export interface DeleteOAuth2ClientRequest { id: string; } export interface DeleteOAuth2TokenRequest { clientId: string; } export interface DeleteTrustedOAuth2JwtGrantIssuerRequest { id: string; } export interface GetOAuth2ClientRequest { id: string; } export interface GetOAuth2ConsentRequestRequest { consentChallenge: string; } export interface GetOAuth2LoginRequestRequest { loginChallenge: string; } export interface GetOAuth2LogoutRequestRequest { logoutChallenge: string; } export interface GetTrustedOAuth2JwtGrantIssuerRequest { id: string; } export interface IntrospectOAuth2TokenRequest { token: string; scope?: string; } export interface ListOAuth2ClientsRequest { pageSize?: number; pageToken?: string; clientName?: string; owner?: string; } export interface ListOAuth2ConsentSessionsRequest { subject: string; pageSize?: number; pageToken?: string; loginSessionId?: string; } export interface ListTrustedOAuth2JwtGrantIssuersRequest { maxItems?: number; defaultItems?: number; issuer?: string; } export interface Oauth2TokenExchangeRequest { grantType: string; clientId?: string; code?: string; redirectUri?: string; refreshToken?: string; } export interface PatchOAuth2ClientRequest { id: string; jsonPatch: Array<JsonPatch>; } export interface RejectOAuth2ConsentRequestRequest { consentChallenge: string; rejectOAuth2Request?: RejectOAuth2Request; } export interface RejectOAuth2LoginRequestRequest { loginChallenge: string; rejectOAuth2Request?: RejectOAuth2Request; } export interface RejectOAuth2LogoutRequestRequest { logoutChallenge: string; } export interface RevokeOAuth2ConsentSessionsRequest { subject?: string; client?: string; consentRequestId?: string; all?: boolean; } export interface RevokeOAuth2LoginSessionsRequest { subject?: string; sid?: string; } export interface RevokeOAuth2TokenRequest { token: string; clientId?: string; clientSecret?: string; } export interface SetOAuth2ClientRequest { id: string; oAuth2Client: OAuth2Client; } export interface SetOAuth2ClientLifespansRequest { id: string; oAuth2ClientTokenLifespans?: OAuth2ClientTokenLifespans; } export interface TrustOAuth2JwtGrantIssuerRequest { trustOAuth2JwtGrantIssuer?: TrustOAuth2JwtGrantIssuer; } /** * OAuth2Api - interface * * @export * @interface OAuth2ApiInterface */ export interface OAuth2ApiInterface { /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Accept OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {AcceptOAuth2ConsentRequest} [acceptOAuth2ConsentRequest] * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ acceptOAuth2ConsentRequestRaw(requestParameters: AcceptOAuth2ConsentRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2RedirectTo>>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * Accept OAuth 2.0 Consent Request */ acceptOAuth2ConsentRequest(requestParameters: AcceptOAuth2ConsentRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2RedirectTo>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has successfully authenticated and includes additional information such as the subject\'s ID and if Ory should remember the subject\'s subject agent for future authentication attempts by setting a cookie. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {AcceptOAuth2LoginRequest} [acceptOAuth2LoginRequest] * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ acceptOAuth2LoginRequestRaw(requestParameters: AcceptOAuth2LoginRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2RedirectTo>>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has successfully authenticated and includes additional information such as the subject\'s ID and if Ory should remember the subject\'s subject agent for future authentication attempts by setting a cookie. The response contains a redirect URL which the login provider should redirect the user-agent to. * Accept OAuth 2.0 Login Request */ acceptOAuth2LoginRequest(requestParameters: AcceptOAuth2LoginRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2RedirectTo>; /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to confirm that logout request. The response contains a redirect URL which the consent provider should redirect the user-agent to. * @summary Accept OAuth 2.0 Session Logout Request * @param {string} logoutChallenge OAuth 2.0 Logout Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ acceptOAuth2LogoutRequestRaw(requestParameters: AcceptOAuth2LogoutRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2RedirectTo>>; /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to confirm that logout request. The response contains a redirect URL which the consent provider should redirect the user-agent to. * Accept OAuth 2.0 Session Logout Request */ acceptOAuth2LogoutRequest(requestParameters: AcceptOAuth2LogoutRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2RedirectTo>; /** * Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on. * @summary Create OAuth 2.0 Client * @param {OAuth2Client} oAuth2Client OAuth 2.0 Client Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ createOAuth2ClientRaw(requestParameters: CreateOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2Client>>; /** * Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on. * Create OAuth 2.0 Client */ createOAuth2Client(requestParameters: CreateOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2Client>; /** * Delete an existing OAuth 2.0 Client by its ID. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. Make sure that this endpoint is well protected and only callable by first-party components. * @summary Delete OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ deleteOAuth2ClientRaw(requestParameters: DeleteOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>; /** * Delete an existing OAuth 2.0 Client by its ID. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. Make sure that this endpoint is well protected and only callable by first-party components. * Delete OAuth 2.0 Client */ deleteOAuth2Client(requestParameters: DeleteOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>; /** * This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. * @summary Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client * @param {string} clientId OAuth 2.0 Client ID * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ deleteOAuth2TokenRaw(requestParameters: DeleteOAuth2TokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>; /** * This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. * Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client */ deleteOAuth2Token(requestParameters: DeleteOAuth2TokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>; /** * Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grant. * @summary Delete Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {string} id The id of the desired grant * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ deleteTrustedOAuth2JwtGrantIssuerRaw(requestParameters: DeleteTrustedOAuth2JwtGrantIssuerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>; /** * Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grant. * Delete Trusted OAuth2 JWT Bearer Grant Type Issuer */ deleteTrustedOAuth2JwtGrantIssuer(requestParameters: DeleteTrustedOAuth2JwtGrantIssuerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>; /** * Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Get an OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ getOAuth2ClientRaw(requestParameters: GetOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2Client>>; /** * Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * Get an OAuth 2.0 Client */ getOAuth2Client(requestParameters: GetOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2Client>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Get OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ getOAuth2ConsentRequestRaw(requestParameters: GetOAuth2ConsentRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2ConsentRequest>>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * Get OAuth 2.0 Consent Request */ getOAuth2ConsentRequest(requestParameters: GetOAuth2ConsentRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2ConsentRequest>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. Per default, the login provider is Ory itself. You may use a different login provider which needs to be a web-app you write and host, and it must be able to authenticate (\"show the subject a login screen\") a subject (in OAuth2 the proper name for subject is \"resource owner\"). The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. * @summary Get OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ getOAuth2LoginRequestRaw(requestParameters: GetOAuth2LoginRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2LoginRequest>>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. Per default, the login provider is Ory itself. You may use a different login provider which needs to be a web-app you write and host, and it must be able to authenticate (\"show the subject a login screen\") a subject (in OAuth2 the proper name for subject is \"resource owner\"). The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. * Get OAuth 2.0 Login Request */ getOAuth2LoginRequest(requestParameters: GetOAuth2LoginRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2LoginRequest>; /** * Use this endpoint to fetch an Ory OAuth 2.0 logout request. * @summary Get OAuth 2.0 Session Logout Request * @param {string} logoutChallenge * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ getOAuth2LogoutRequestRaw(requestParameters: GetOAuth2LogoutRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2LogoutRequest>>; /** * Use this endpoint to fetch an Ory OAuth 2.0 logout request. * Get OAuth 2.0 Session Logout Request */ getOAuth2LogoutRequest(requestParameters: GetOAuth2LogoutRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2LogoutRequest>; /** * Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. * @summary Get Trusted OAuth2 JWT Bearer Grant Type Issuer * @param {string} id The id of the desired grant * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ getTrustedOAuth2JwtGrantIssuerRaw(requestParameters: GetTrustedOAuth2JwtGrantIssuerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<TrustedOAuth2JwtGrantIssuer>>; /** * Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship. * Get Trusted OAuth2 JWT Bearer Grant Type Issuer */ getTrustedOAuth2JwtGrantIssuer(requestParameters: GetTrustedOAuth2JwtGrantIssuerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<TrustedOAuth2JwtGrantIssuer>; /** * The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `session.access_token` during the consent flow. * @summary Introspect OAuth2 Access and Refresh Tokens * @param {string} token The string value of the token. For access tokens, this is the \\\"access_token\\\" value returned from the token endpoint defined in OAuth 2.0. For refresh tokens, this is the \\\"refresh_token\\\" value returned. * @param {string} [scope] An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ introspectOAuth2TokenRaw(requestParameters: IntrospectOAuth2TokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<IntrospectedOAuth2Token>>; /** * The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `session.access_token` during the consent flow. * Introspect OAuth2 Access and Refresh Tokens */ introspectOAuth2Token(requestParameters: IntrospectOAuth2TokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<IntrospectedOAuth2Token>; /** * This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients. * @summary List OAuth 2.0 Clients * @param {number} [pageSize] Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [pageToken] Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [clientName] The name of the clients to filter by. * @param {string} [owner] The owner of the clients to filter by. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ listOAuth2ClientsRaw(requestParameters: ListOAuth2ClientsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<OAuth2Client>>>; /** * This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients. * List OAuth 2.0 Clients */ listOAuth2Clients(requestParameters: ListOAuth2ClientsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<OAuth2Client>>; /** * This endpoint lists all subject\'s granted consent sessions, including client and granted scope. If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an empty JSON array with status code 200 OK. * @summary List OAuth 2.0 Consent Sessions of a Subject * @param {string} subject The subject to list the consent sessions for. * @param {number} [pageSize] Items per Page This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [pageToken] Next Page Token The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). * @param {string} [loginSessionId] The login session id to list the consent sessions for. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ listOAuth2ConsentSessionsRaw(requestParameters: ListOAuth2ConsentSessionsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<OAuth2ConsentSession>>>; /** * This endpoint lists all subject\'s granted consent sessions, including client and granted scope. If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an empty JSON array with status code 200 OK. * List OAuth 2.0 Consent Sessions of a Subject */ listOAuth2ConsentSessions(requestParameters: ListOAuth2ConsentSessionsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<OAuth2ConsentSession>>; /** * Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. * @summary List Trusted OAuth2 JWT Bearer Grant Type Issuers * @param {number} [maxItems] * @param {number} [defaultItems] * @param {string} [issuer] If optional \"issuer\" is supplied, only jwt-bearer grants with this issuer will be returned. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ listTrustedOAuth2JwtGrantIssuersRaw(requestParameters: ListTrustedOAuth2JwtGrantIssuersRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<Array<TrustedOAuth2JwtGrantIssuer>>>; /** * Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. * List Trusted OAuth2 JWT Bearer Grant Type Issuers */ listTrustedOAuth2JwtGrantIssuers(requestParameters: ListTrustedOAuth2JwtGrantIssuersRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<Array<TrustedOAuth2JwtGrantIssuer>>; /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries at https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary OAuth 2.0 Authorize Endpoint * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ oAuth2AuthorizeRaw(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<ErrorOAuth2>>; /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries at https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * OAuth 2.0 Authorize Endpoint */ oAuth2Authorize(initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<ErrorOAuth2>; /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries here https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * @summary The OAuth 2.0 Token Endpoint * @param {string} grantType * @param {string} [clientId] * @param {string} [code] * @param {string} [redirectUri] * @param {string} [refreshToken] * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ oauth2TokenExchangeRaw(requestParameters: Oauth2TokenExchangeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2TokenExchange>>; /** * Use open source libraries to perform OAuth 2.0 and OpenID Connect available for any programming language. You can find a list of libraries here https://oauth.net/code/ This endpoint should not be used via the Ory SDK and is only included for technical reasons. Instead, use one of the libraries linked above. * The OAuth 2.0 Token Endpoint */ oauth2TokenExchange(requestParameters: Oauth2TokenExchangeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2TokenExchange>; /** * Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Patch OAuth 2.0 Client * @param {string} id The id of the OAuth 2.0 Client. * @param {Array<JsonPatch>} jsonPatch OAuth 2.0 Client JSON Patch Body * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ patchOAuth2ClientRaw(requestParameters: PatchOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2Client>>; /** * Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * Patch OAuth 2.0 Client */ patchOAuth2Client(requestParameters: PatchOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2Client>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider must include a reason why the consent was not granted. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * @summary Reject OAuth 2.0 Consent Request * @param {string} consentChallenge OAuth 2.0 Consent Request Challenge * @param {RejectOAuth2Request} [rejectOAuth2Request] * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ rejectOAuth2ConsentRequestRaw(requestParameters: RejectOAuth2ConsentRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2RedirectTo>>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject\'s behalf. The consent challenge is appended to the consent provider\'s URL to which the subject\'s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted or rejected the request. This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider must include a reason why the consent was not granted. The response contains a redirect URL which the consent provider should redirect the user-agent to. The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please head over to the OAuth 2.0 documentation. * Reject OAuth 2.0 Consent Request */ rejectOAuth2ConsentRequest(requestParameters: RejectOAuth2ConsentRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2RedirectTo>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. * @summary Reject OAuth 2.0 Login Request * @param {string} loginChallenge OAuth 2.0 Login Request Challenge * @param {RejectOAuth2Request} [rejectOAuth2Request] * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ rejectOAuth2LoginRequestRaw(requestParameters: RejectOAuth2LoginRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2RedirectTo>>; /** * When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject\'s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. * Reject OAuth 2.0 Login Request */ rejectOAuth2LoginRequest(requestParameters: RejectOAuth2LoginRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2RedirectTo>; /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to deny that logout request. No HTTP request body is required. The response is empty as the logout provider has to chose what action to perform next. * @summary Reject OAuth 2.0 Session Logout Request * @param {string} logoutChallenge * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ rejectOAuth2LogoutRequestRaw(requestParameters: RejectOAuth2LogoutRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>; /** * When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to deny that logout request. No HTTP request body is required. The response is empty as the logout provider has to chose what action to perform next. * Reject OAuth 2.0 Session Logout Request */ rejectOAuth2LogoutRequest(requestParameters: RejectOAuth2LogoutRequestRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>; /** * This endpoint revokes a subject\'s granted consent sessions and invalidates all associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 Client ID. * @summary Revoke OAuth 2.0 Consent Sessions of a Subject * @param {string} [subject] OAuth 2.0 Consent Subject The subject whose consent sessions should be deleted. * @param {string} [client] OAuth 2.0 Client ID If set, deletes only those consent sessions that have been granted to the specified OAuth 2.0 Client ID. * @param {string} [consentRequestId] Consent Request ID If set, revoke all token chains derived from this particular consent request ID. * @param {boolean} [all] Revoke All Consent Sessions If set to `true` deletes all consent sessions by the Subject that have been granted. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ revokeOAuth2ConsentSessionsRaw(requestParameters: RevokeOAuth2ConsentSessionsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>; /** * This endpoint revokes a subject\'s granted consent sessions and invalidates all associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 Client ID. * Revoke OAuth 2.0 Consent Sessions of a Subject */ revokeOAuth2ConsentSessions(requestParameters: RevokeOAuth2ConsentSessionsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>; /** * This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens. If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpenID Connect Front- or Back-channel logout is performed in this case. Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case. When using Ory for the identity provider, the login provider will also invalidate the session cookie. * @summary Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID * @param {string} [subject] OAuth 2.0 Subject The subject to revoke authentication sessions for. * @param {string} [sid] Login Session ID The login session to revoke. * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ revokeOAuth2LoginSessionsRaw(requestParameters: RevokeOAuth2LoginSessionsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>; /** * This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens. If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpenID Connect Front- or Back-channel logout is performed in this case. Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case. When using Ory for the identity provider, the login provider will also invalidate the session cookie. * Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID */ revokeOAuth2LoginSessions(requestParameters: RevokeOAuth2LoginSessionsRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>; /** * Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by the client the token was generated for. * @summary Revoke OAuth 2.0 Access or Refresh Token * @param {string} token * @param {string} [clientId] * @param {string} [clientSecret] * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ revokeOAuth2TokenRaw(requestParameters: RevokeOAuth2TokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>>; /** * Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by the client the token was generated for. * Revoke OAuth 2.0 Access or Refresh Token */ revokeOAuth2Token(requestParameters: RevokeOAuth2TokenRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void>; /** * Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * @summary Set OAuth 2.0 Client * @param {string} id OAuth 2.0 Client ID * @param {OAuth2Client} oAuth2Client OAuth 2.0 Client Request Body * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ setOAuth2ClientRaw(requestParameters: SetOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2Client>>; /** * Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. It is not possible to retrieve it later on. OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. * Set OAuth 2.0 Client */ setOAuth2Client(requestParameters: SetOAuth2ClientRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2Client>; /** * Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other fields. * @summary Set OAuth2 Client Token Lifespans * @param {string} id OAuth 2.0 Client ID * @param {OAuth2ClientTokenLifespans} [oAuth2ClientTokenLifespans] * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ setOAuth2ClientLifespansRaw(requestParameters: SetOAuth2ClientLifespansRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<OAuth2Client>>; /** * Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other fields. * Set OAuth2 Client Token Lifespans */ setOAuth2ClientLifespans(requestParameters: SetOAuth2ClientLifespansRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<OAuth2Client>; /** * Use this endpoint to establish a trust relationship for a JWT issuer to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). * @summary Trust OAuth2 JWT Bearer Grant Type Issuer * @param {TrustOAuth2JwtGrantIssuer} [trustOAuth2JwtGrantIssuer] * @param {*} [options] Override http request option. * @throws {RequiredError} * @memberof OAuth2ApiInterface */ trustOAuth2JwtGrantIssuerRaw(requestParameters: TrustOAuth2JwtGrantIssuerRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<TrustedOAuth2JwtGrantIssuer>>; /** * Use this endpoint to establish a trust relationship for a JWT issuer to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). * Trust OAuth2 JWT Bearer Grant Type Issuer */ trustOAuth2JwtGrantIssuer(requestParameters: