@ory/client/docs/NormalizedProjectRevisionThirdPartyProvider.md

OpenAPI client for @ory/client

# NormalizedProjectRevisionThirdPartyProvider


## Properties

Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**aal2_acr_values** | **Array<string>** | AAL2ACRValues lists upstream OIDC `acr` claim values that should elevate the resulting Kratos session to AAL2. Empty means the upstream `acr` claim is ignored when deciding session AAL. | [optional] [default to undefined]
**aal2_amr_values** | **Array<string>** | AAL2AMRValues lists upstream OIDC `amr` claim values that should elevate the resulting Kratos session to AAL2 when any of them appears in the upstream `amr` array. Empty means the upstream `amr` claim is ignored when deciding session AAL. | [optional] [default to undefined]
**account_linking_mode** | **string** | AccountLinkingMode controls how account conflicts are resolved for this provider.  Possible values are `confirm_with_existing_credential` (default) and `automatic`. `automatic` silently links accounts when the provider verifies email ownership. Only supported for `apple` and `google` providers. automatic AccountLinkingModeAutomatic  AccountLinkingModeAutomatic silently links accounts if the provider verifies email ownership. confirm_with_existing_credential AccountLinkingModeConfirmWithExistingCredential  AccountLinkingModeConfirmWithExistingCredential requires the user to confirm the account linking by providing an existing credential. | [optional] [default to undefined]
**additional_id_token_audiences** | **Array<string>** | AdditionalIDTokenAudiences is a list of additional audiences allowed in the ID Token.  This is only relevant in OIDC flows that submit an IDToken instead of using the callback from the OIDC provider. | [optional] [default to undefined]
**apple_private_key** | **string** |  | [optional] [default to undefined]
**apple_private_key_id** | **string** | Apple Private Key Identifier  Sign In with Apple Private Key Identifier needed for generating a JWT token for client secret | [optional] [default to undefined]
**apple_team_id** | **string** | Apple Developer Team ID  Apple Developer Team ID needed for generating a JWT token for client secret | [optional] [default to undefined]
**auth_url** | **string** | AuthURL is the authorize url, typically something like: https://example.org/oauth2/auth Should only be used when the OAuth2 / OpenID Connect server is not supporting OpenID Connect Discovery and when `provider` is set to `generic`. | [optional] [default to undefined]
**azure_tenant** | **string** | Tenant is the Azure AD Tenant to use for authentication, and must be set when `provider` is set to `microsoft`.  Can be either `common`, `organizations`, `consumers` for a multitenant application or a specific tenant like `8eaef023-2b34-4da1-9baa-8bc8c9d6a490` or `contoso.onmicrosoft.com`. | [optional] [default to undefined]
**claims_source** | **string** |  | [optional] [default to undefined]
**client_id** | **string** | ClientID is the application\'s Client ID. | [optional] [default to undefined]
**client_secret** | **string** |  | [optional] [default to undefined]
**created_at** | **string** | The Project\'s Revision Creation Date | [optional] [readonly] [default to undefined]
**fedcm_config_url** | **string** |  | [optional] [default to undefined]
**id** | **string** |  | [optional] [default to undefined]
**issuer_url** | **string** | IssuerURL is the OpenID Connect Server URL. You can leave this empty if `provider` is not set to `generic`. If set, neither `auth_url` nor `token_url` are required. | [optional] [default to undefined]
**label** | **string** | Label represents an optional label which can be used in the UI generation. | [optional] [default to undefined]
**mapper_url** | **string** | Mapper specifies the JSONNet code snippet which uses the OpenID Connect Provider\'s data (e.g. GitHub or Google profile information) to hydrate the identity\'s data. | [optional] [default to undefined]
**net_id_token_origin_header** | **string** |  | [optional] [default to undefined]
**organization_id** | **string** |  | [optional] [default to undefined]
**pkce** | **string** |  | [optional] [default to undefined]
**project_revision_id** | **string** | The Revision\'s ID this provider belongs to | [optional] [default to undefined]
**provider** | **string** | Provider is either \"generic\" for a generic OAuth 2.0 / OpenID Connect Provider or one of: generic google github gitlab microsoft discord slack facebook vk yandex apple | [optional] [default to undefined]
**provider_id** | **string** | ID is the provider\'s ID | [optional] [default to undefined]
**proxy_oidc_redirect_url** | **string** | Proxy OIDC Redirect URL if overriding with a customer-controlled URL | [optional] [readonly] [default to undefined]
**requested_claims** | **object** |  | [optional] [default to undefined]
**scope** | **Array<string>** | Scope specifies optional requested permissions. | [optional] [default to undefined]
**state** | **string** | State indicates the state of the provider  Only providers with state `enabled` will be used for authentication enabled ThirdPartyProviderStateEnabled disabled ThirdPartyProviderStateDisabled | [optional] [default to undefined]
**subject_source** | **string** |  | [optional] [default to undefined]
**token_url** | **string** | TokenURL is the token url, typically something like: https://example.org/oauth2/token  Should only be used when the OAuth2 / OpenID Connect server is not supporting OpenID Connect Discovery and when `provider` is set to `generic`. | [optional] [default to undefined]
**update_identity_on_login** | **string** | UpdateIdentityOnLogin controls whether the identity is updated from OIDC claims on each login.  Possible values are \"never\" (default) and \"automatic\". never UpdateIdentityOnLoginNever  UpdateIdentityOnLoginNever disables identity updates on login (default). automatic UpdateIdentityOnLoginAutomatic  UpdateIdentityOnLoginAutomatic re-runs the Jsonnet claims mapper on every  OIDC login and updates the identity\'s traits and metadata automatically. | [optional] [default to undefined]
**updated_at** | **string** | Last Time Project\'s Revision was Updated | [optional] [readonly] [default to undefined]

## Example

```typescript
import { NormalizedProjectRevisionThirdPartyProvider } from '@ory/client';

const instance: NormalizedProjectRevisionThirdPartyProvider = {
    aal2_acr_values,
    aal2_amr_values,
    account_linking_mode,
    additional_id_token_audiences,
    apple_private_key,
    apple_private_key_id,
    apple_team_id,
    auth_url,
    azure_tenant,
    claims_source,
    client_id,
    client_secret,
    created_at,
    fedcm_config_url,
    id,
    issuer_url,
    label,
    mapper_url,
    net_id_token_origin_header,
    organization_id,
    pkce,
    project_revision_id,
    provider,
    provider_id,
    proxy_oidc_redirect_url,
    requested_claims,
    scope,
    state,
    subject_source,
    token_url,
    update_identity_on_login,
    updated_at,
};
```

[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)