@ory/kratos-client
Version:
OpenAPI client for @ory/kratos-client
1,618 lines (1,558 loc) • 629 kB
text/typescript
/* tslint:disable */
/* eslint-disable */
/**
* Ory Identities API
* This is the API specification for Ory Identities with features such as registration, login, recovery, account verification, profile settings, password reset, identity management, session management, email and sms delivery, and more.
*
* The version of the OpenAPI document: v1.3.8
* Contact: office@ory.sh
*
* NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
* https://openapi-generator.tech
* Do not edit the class manually.
*/
import type { Configuration } from './configuration';
import type { AxiosPromise, AxiosInstance, RawAxiosRequestConfig } from 'axios';
import globalAxios from 'axios';
// Some imports not used depending on template conditions
// @ts-ignore
import { DUMMY_BASE_URL, assertParamExists, setApiKeyToObject, setBasicAuthToObject, setBearerAuthToObject, setOAuthToObject, setSearchParams, serializeDataIfNeeded, toPathString, createRequestFunction } from './common';
import type { RequestArgs } from './base';
// @ts-ignore
import { BASE_PATH, COLLECTION_FORMATS, BaseAPI, RequiredError, operationServerMap } from './base';
/**
* The authenticator assurance level can be one of \"aal1\", \"aal2\", or \"aal3\". A higher number means that it is harder for an attacker to compromise the account. Generally, \"aal1\" implies that one authentication factor was used while AAL2 implies that two factors (e.g. password + TOTP) have been used. To learn more about these levels please head over to: https://www.ory.sh/kratos/docs/concepts/credentials
* @export
* @enum {string}
*/
export const AuthenticatorAssuranceLevel = {
Aal0: 'aal0',
Aal1: 'aal1',
Aal2: 'aal2',
Aal3: 'aal3'
} as const;
export type AuthenticatorAssuranceLevel = typeof AuthenticatorAssuranceLevel[keyof typeof AuthenticatorAssuranceLevel];
/**
* Patch identities response
* @export
* @interface BatchPatchIdentitiesResponse
*/
export interface BatchPatchIdentitiesResponse {
/**
* The patch responses for the individual identities.
* @type {Array<IdentityPatchResponse>}
* @memberof BatchPatchIdentitiesResponse
*/
'identities'?: Array<IdentityPatchResponse>;
}
/**
* Control API consistency guarantees
* @export
* @interface ConsistencyRequestParameters
*/
export interface ConsistencyRequestParameters {
/**
* Read Consistency Level (preview) The read consistency level determines the consistency guarantee for reads: strong (slow): The read is guaranteed to return the most recent data committed at the start of the read. eventual (very fast): The result will return data that is about 4.8 seconds old. The default consistency guarantee can be changed in the Ory Network Console or using the Ory CLI with `ory patch project --replace \'/previews/default_read_consistency_level=\"strong\"\'`. Setting the default consistency level to `eventual` may cause regressions in the future as we add consistency controls to more APIs. Currently, the following APIs will be affected by this setting: `GET /admin/identities` This feature is in preview and only available in Ory Network. ConsistencyLevelUnset ConsistencyLevelUnset is the unset / default consistency level. strong ConsistencyLevelStrong ConsistencyLevelStrong is the strong consistency level. eventual ConsistencyLevelEventual ConsistencyLevelEventual is the eventual consistency level using follower read timestamps.
* @type {string}
* @memberof ConsistencyRequestParameters
*/
'consistency'?: ConsistencyRequestParametersConsistencyEnum;
}
export const ConsistencyRequestParametersConsistencyEnum = {
Empty: '',
Strong: 'strong',
Eventual: 'eventual'
} as const;
export type ConsistencyRequestParametersConsistencyEnum = typeof ConsistencyRequestParametersConsistencyEnum[keyof typeof ConsistencyRequestParametersConsistencyEnum];
/**
* @type ContinueWith
* @export
*/
export type ContinueWith = { action: 'redirect_browser_to' } & ContinueWithRedirectBrowserTo | { action: 'set_ory_session_token' } & ContinueWithSetOrySessionToken | { action: 'show_recovery_ui' } & ContinueWithRecoveryUi | { action: 'show_settings_ui' } & ContinueWithSettingsUi | { action: 'show_verification_ui' } & ContinueWithVerificationUi;
/**
* Indicates, that the UI flow could be continued by showing a recovery ui
* @export
* @interface ContinueWithRecoveryUi
*/
export interface ContinueWithRecoveryUi {
/**
* Action will always be `show_recovery_ui` show_recovery_ui ContinueWithActionShowRecoveryUIString
* @type {string}
* @memberof ContinueWithRecoveryUi
*/
'action': ContinueWithRecoveryUiActionEnum;
/**
*
* @type {ContinueWithRecoveryUiFlow}
* @memberof ContinueWithRecoveryUi
*/
'flow': ContinueWithRecoveryUiFlow;
}
export const ContinueWithRecoveryUiActionEnum = {
ShowRecoveryUi: 'show_recovery_ui'
} as const;
export type ContinueWithRecoveryUiActionEnum = typeof ContinueWithRecoveryUiActionEnum[keyof typeof ContinueWithRecoveryUiActionEnum];
/**
*
* @export
* @interface ContinueWithRecoveryUiFlow
*/
export interface ContinueWithRecoveryUiFlow {
/**
* The ID of the recovery flow
* @type {string}
* @memberof ContinueWithRecoveryUiFlow
*/
'id': string;
/**
* The URL of the recovery flow If this value is set, redirect the user\'s browser to this URL. This value is typically unset for native clients / API flows.
* @type {string}
* @memberof ContinueWithRecoveryUiFlow
*/
'url'?: string;
}
/**
* Indicates, that the UI flow could be continued by showing a recovery ui
* @export
* @interface ContinueWithRedirectBrowserTo
*/
export interface ContinueWithRedirectBrowserTo {
/**
* Action will always be `redirect_browser_to` redirect_browser_to ContinueWithActionRedirectBrowserToString
* @type {string}
* @memberof ContinueWithRedirectBrowserTo
*/
'action': ContinueWithRedirectBrowserToActionEnum;
/**
* The URL to redirect the browser to
* @type {string}
* @memberof ContinueWithRedirectBrowserTo
*/
'redirect_browser_to': string;
}
export const ContinueWithRedirectBrowserToActionEnum = {
RedirectBrowserTo: 'redirect_browser_to'
} as const;
export type ContinueWithRedirectBrowserToActionEnum = typeof ContinueWithRedirectBrowserToActionEnum[keyof typeof ContinueWithRedirectBrowserToActionEnum];
/**
* Indicates that a session was issued, and the application should use this token for authenticated requests
* @export
* @interface ContinueWithSetOrySessionToken
*/
export interface ContinueWithSetOrySessionToken {
/**
* Action will always be `set_ory_session_token` set_ory_session_token ContinueWithActionSetOrySessionTokenString
* @type {string}
* @memberof ContinueWithSetOrySessionToken
*/
'action': ContinueWithSetOrySessionTokenActionEnum;
/**
* Token is the token of the session
* @type {string}
* @memberof ContinueWithSetOrySessionToken
*/
'ory_session_token': string;
}
export const ContinueWithSetOrySessionTokenActionEnum = {
SetOrySessionToken: 'set_ory_session_token'
} as const;
export type ContinueWithSetOrySessionTokenActionEnum = typeof ContinueWithSetOrySessionTokenActionEnum[keyof typeof ContinueWithSetOrySessionTokenActionEnum];
/**
* Indicates, that the UI flow could be continued by showing a settings ui
* @export
* @interface ContinueWithSettingsUi
*/
export interface ContinueWithSettingsUi {
/**
* Action will always be `show_settings_ui` show_settings_ui ContinueWithActionShowSettingsUIString
* @type {string}
* @memberof ContinueWithSettingsUi
*/
'action': ContinueWithSettingsUiActionEnum;
/**
*
* @type {ContinueWithSettingsUiFlow}
* @memberof ContinueWithSettingsUi
*/
'flow': ContinueWithSettingsUiFlow;
}
export const ContinueWithSettingsUiActionEnum = {
ShowSettingsUi: 'show_settings_ui'
} as const;
export type ContinueWithSettingsUiActionEnum = typeof ContinueWithSettingsUiActionEnum[keyof typeof ContinueWithSettingsUiActionEnum];
/**
*
* @export
* @interface ContinueWithSettingsUiFlow
*/
export interface ContinueWithSettingsUiFlow {
/**
* The ID of the settings flow
* @type {string}
* @memberof ContinueWithSettingsUiFlow
*/
'id': string;
/**
* The URL of the settings flow If this value is set, redirect the user\'s browser to this URL. This value is typically unset for native clients / API flows.
* @type {string}
* @memberof ContinueWithSettingsUiFlow
*/
'url'?: string;
}
/**
* Indicates, that the UI flow could be continued by showing a verification ui
* @export
* @interface ContinueWithVerificationUi
*/
export interface ContinueWithVerificationUi {
/**
* Action will always be `show_verification_ui` show_verification_ui ContinueWithActionShowVerificationUIString
* @type {string}
* @memberof ContinueWithVerificationUi
*/
'action': ContinueWithVerificationUiActionEnum;
/**
*
* @type {ContinueWithVerificationUiFlow}
* @memberof ContinueWithVerificationUi
*/
'flow': ContinueWithVerificationUiFlow;
}
export const ContinueWithVerificationUiActionEnum = {
ShowVerificationUi: 'show_verification_ui'
} as const;
export type ContinueWithVerificationUiActionEnum = typeof ContinueWithVerificationUiActionEnum[keyof typeof ContinueWithVerificationUiActionEnum];
/**
*
* @export
* @interface ContinueWithVerificationUiFlow
*/
export interface ContinueWithVerificationUiFlow {
/**
* The ID of the verification flow
* @type {string}
* @memberof ContinueWithVerificationUiFlow
*/
'id': string;
/**
* The URL of the verification flow If this value is set, redirect the user\'s browser to this URL. This value is typically unset for native clients / API flows.
* @type {string}
* @memberof ContinueWithVerificationUiFlow
*/
'url'?: string;
/**
* The address that should be verified in this flow
* @type {string}
* @memberof ContinueWithVerificationUiFlow
*/
'verifiable_address': string;
}
/**
* A Message\'s Status
* @export
* @enum {string}
*/
export const CourierMessageStatus = {
Queued: 'queued',
Sent: 'sent',
Processing: 'processing',
Abandoned: 'abandoned'
} as const;
export type CourierMessageStatus = typeof CourierMessageStatus[keyof typeof CourierMessageStatus];
/**
* It can either be `email` or `phone`
* @export
* @enum {string}
*/
export const CourierMessageType = {
Email: 'email',
Phone: 'phone'
} as const;
export type CourierMessageType = typeof CourierMessageType[keyof typeof CourierMessageType];
/**
* Contains a list of all available FedCM providers.
* @export
* @interface CreateFedcmFlowResponse
*/
export interface CreateFedcmFlowResponse {
/**
*
* @type {string}
* @memberof CreateFedcmFlowResponse
*/
'csrf_token'?: string;
/**
*
* @type {Array<Provider>}
* @memberof CreateFedcmFlowResponse
*/
'providers'?: Array<Provider>;
}
/**
* Create Identity Body
* @export
* @interface CreateIdentityBody
*/
export interface CreateIdentityBody {
/**
*
* @type {IdentityWithCredentials}
* @memberof CreateIdentityBody
*/
'credentials'?: IdentityWithCredentials;
/**
* Store metadata about the user which is only accessible through admin APIs such as `GET /admin/identities/<id>`.
* @type {any}
* @memberof CreateIdentityBody
*/
'metadata_admin'?: any;
/**
* Store metadata about the identity which the identity itself can see when calling for example the session endpoint. Do not store sensitive information (e.g. credit score) about the identity in this field.
* @type {any}
* @memberof CreateIdentityBody
*/
'metadata_public'?: any;
/**
*
* @type {string}
* @memberof CreateIdentityBody
*/
'organization_id'?: string | null;
/**
* RecoveryAddresses contains all the addresses that can be used to recover an identity. Use this structure to import recovery addresses for an identity. Please keep in mind that the address needs to be represented in the Identity Schema or this field will be overwritten on the next identity update.
* @type {Array<RecoveryIdentityAddress>}
* @memberof CreateIdentityBody
*/
'recovery_addresses'?: Array<RecoveryIdentityAddress>;
/**
* SchemaID is the ID of the JSON Schema to be used for validating the identity\'s traits.
* @type {string}
* @memberof CreateIdentityBody
*/
'schema_id': string;
/**
* State is the identity\'s state. active StateActive inactive StateInactive
* @type {string}
* @memberof CreateIdentityBody
*/
'state'?: CreateIdentityBodyStateEnum;
/**
* Traits represent an identity\'s traits. The identity is able to create, modify, and delete traits in a self-service manner. The input will always be validated against the JSON Schema defined in `schema_url`.
* @type {object}
* @memberof CreateIdentityBody
*/
'traits': object;
/**
* VerifiableAddresses contains all the addresses that can be verified by the user. Use this structure to import verified addresses for an identity. Please keep in mind that the address needs to be represented in the Identity Schema or this field will be overwritten on the next identity update.
* @type {Array<VerifiableIdentityAddress>}
* @memberof CreateIdentityBody
*/
'verifiable_addresses'?: Array<VerifiableIdentityAddress>;
}
export const CreateIdentityBodyStateEnum = {
Active: 'active',
Inactive: 'inactive'
} as const;
export type CreateIdentityBodyStateEnum = typeof CreateIdentityBodyStateEnum[keyof typeof CreateIdentityBodyStateEnum];
/**
* Create Recovery Code for Identity Request Body
* @export
* @interface CreateRecoveryCodeForIdentityBody
*/
export interface CreateRecoveryCodeForIdentityBody {
/**
* Code Expires In The recovery code will expire after that amount of time has passed. Defaults to the configuration value of `selfservice.methods.code.config.lifespan`.
* @type {string}
* @memberof CreateRecoveryCodeForIdentityBody
*/
'expires_in'?: string;
/**
* The flow type can either be `api` or `browser`.
* @type {string}
* @memberof CreateRecoveryCodeForIdentityBody
*/
'flow_type'?: string;
/**
* Identity to Recover The identity\'s ID you wish to recover.
* @type {string}
* @memberof CreateRecoveryCodeForIdentityBody
*/
'identity_id': string;
}
/**
* Create Recovery Link for Identity Request Body
* @export
* @interface CreateRecoveryLinkForIdentityBody
*/
export interface CreateRecoveryLinkForIdentityBody {
/**
* Link Expires In The recovery link will expire after that amount of time has passed. Defaults to the configuration value of `selfservice.methods.code.config.lifespan`.
* @type {string}
* @memberof CreateRecoveryLinkForIdentityBody
*/
'expires_in'?: string;
/**
* Identity to Recover The identity\'s ID you wish to recover.
* @type {string}
* @memberof CreateRecoveryLinkForIdentityBody
*/
'identity_id': string;
}
/**
* Deleted Session Count
* @export
* @interface DeleteMySessionsCount
*/
export interface DeleteMySessionsCount {
/**
* The number of sessions that were revoked.
* @type {number}
* @memberof DeleteMySessionsCount
*/
'count'?: number;
}
/**
*
* @export
* @interface ErrorAuthenticatorAssuranceLevelNotSatisfied
*/
export interface ErrorAuthenticatorAssuranceLevelNotSatisfied {
/**
*
* @type {GenericError}
* @memberof ErrorAuthenticatorAssuranceLevelNotSatisfied
*/
'error'?: GenericError;
/**
* Points to where to redirect the user to next.
* @type {string}
* @memberof ErrorAuthenticatorAssuranceLevelNotSatisfied
*/
'redirect_browser_to'?: string;
}
/**
*
* @export
* @interface ErrorBrowserLocationChangeRequired
*/
export interface ErrorBrowserLocationChangeRequired {
/**
*
* @type {ErrorGeneric}
* @memberof ErrorBrowserLocationChangeRequired
*/
'error'?: ErrorGeneric;
/**
* Points to where to redirect the user to next.
* @type {string}
* @memberof ErrorBrowserLocationChangeRequired
*/
'redirect_browser_to'?: string;
}
/**
* Is sent when a flow is replaced by a different flow of the same class
* @export
* @interface ErrorFlowReplaced
*/
export interface ErrorFlowReplaced {
/**
*
* @type {GenericError}
* @memberof ErrorFlowReplaced
*/
'error'?: GenericError;
/**
* The flow ID that should be used for the new flow as it contains the correct messages.
* @type {string}
* @memberof ErrorFlowReplaced
*/
'use_flow_id'?: string;
}
/**
* The standard Ory JSON API error format.
* @export
* @interface ErrorGeneric
*/
export interface ErrorGeneric {
/**
*
* @type {GenericError}
* @memberof ErrorGeneric
*/
'error': GenericError;
}
/**
*
* @export
* @interface FlowError
*/
export interface FlowError {
/**
* CreatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof FlowError
*/
'created_at'?: string;
/**
*
* @type {object}
* @memberof FlowError
*/
'error'?: object;
/**
* ID of the error container.
* @type {string}
* @memberof FlowError
*/
'id': string;
/**
* UpdatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof FlowError
*/
'updated_at'?: string;
}
/**
*
* @export
* @interface GenericError
*/
export interface GenericError {
/**
* The status code
* @type {number}
* @memberof GenericError
*/
'code'?: number;
/**
* Debug information This field is often not exposed to protect against leaking sensitive information.
* @type {string}
* @memberof GenericError
*/
'debug'?: string;
/**
* Further error details
* @type {object}
* @memberof GenericError
*/
'details'?: object;
/**
* The error ID Useful when trying to identify various errors in application logic.
* @type {string}
* @memberof GenericError
*/
'id'?: string;
/**
* Error message The error\'s message.
* @type {string}
* @memberof GenericError
*/
'message': string;
/**
* A human-readable reason for the error
* @type {string}
* @memberof GenericError
*/
'reason'?: string;
/**
* The request ID The request ID is often exposed internally in order to trace errors across service architectures. This is often a UUID.
* @type {string}
* @memberof GenericError
*/
'request'?: string;
/**
* The status description
* @type {string}
* @memberof GenericError
*/
'status'?: string;
}
/**
*
* @export
* @interface GetVersion200Response
*/
export interface GetVersion200Response {
/**
* The version of Ory Kratos.
* @type {string}
* @memberof GetVersion200Response
*/
'version': string;
}
/**
*
* @export
* @interface HealthNotReadyStatus
*/
export interface HealthNotReadyStatus {
/**
* Errors contains a list of errors that caused the not ready status.
* @type {{ [key: string]: string; }}
* @memberof HealthNotReadyStatus
*/
'errors'?: { [key: string]: string; };
}
/**
*
* @export
* @interface HealthStatus
*/
export interface HealthStatus {
/**
* Status always contains \"ok\".
* @type {string}
* @memberof HealthStatus
*/
'status'?: string;
}
/**
* An [identity](https://www.ory.sh/docs/kratos/concepts/identity-user-model) represents a (human) user in Ory.
* @export
* @interface Identity
*/
export interface Identity {
/**
* CreatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof Identity
*/
'created_at'?: string;
/**
* Credentials represents all credentials that can be used for authenticating this identity.
* @type {{ [key: string]: IdentityCredentials; }}
* @memberof Identity
*/
'credentials'?: { [key: string]: IdentityCredentials; };
/**
* ID is the identity\'s unique identifier. The Identity ID can not be changed and can not be chosen. This ensures future compatibility and optimization for distributed stores such as CockroachDB.
* @type {string}
* @memberof Identity
*/
'id': string;
/**
* NullJSONRawMessage represents a json.RawMessage that works well with JSON, SQL, and Swagger and is NULLable-
* @type {any}
* @memberof Identity
*/
'metadata_admin'?: any | null;
/**
* NullJSONRawMessage represents a json.RawMessage that works well with JSON, SQL, and Swagger and is NULLable-
* @type {any}
* @memberof Identity
*/
'metadata_public'?: any | null;
/**
*
* @type {string}
* @memberof Identity
*/
'organization_id'?: string | null;
/**
* RecoveryAddresses contains all the addresses that can be used to recover an identity.
* @type {Array<RecoveryIdentityAddress>}
* @memberof Identity
*/
'recovery_addresses'?: Array<RecoveryIdentityAddress>;
/**
* SchemaID is the ID of the JSON Schema to be used for validating the identity\'s traits.
* @type {string}
* @memberof Identity
*/
'schema_id': string;
/**
* SchemaURL is the URL of the endpoint where the identity\'s traits schema can be fetched from. format: url
* @type {string}
* @memberof Identity
*/
'schema_url': string;
/**
* State is the identity\'s state. This value has currently no effect. active StateActive inactive StateInactive
* @type {string}
* @memberof Identity
*/
'state'?: IdentityStateEnum;
/**
*
* @type {string}
* @memberof Identity
*/
'state_changed_at'?: string;
/**
* Traits represent an identity\'s traits. The identity is able to create, modify, and delete traits in a self-service manner. The input will always be validated against the JSON Schema defined in `schema_url`.
* @type {any}
* @memberof Identity
*/
'traits': any;
/**
* UpdatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof Identity
*/
'updated_at'?: string;
/**
* VerifiableAddresses contains all the addresses that can be verified by the user.
* @type {Array<VerifiableIdentityAddress>}
* @memberof Identity
*/
'verifiable_addresses'?: Array<VerifiableIdentityAddress>;
}
export const IdentityStateEnum = {
Active: 'active',
Inactive: 'inactive'
} as const;
export type IdentityStateEnum = typeof IdentityStateEnum[keyof typeof IdentityStateEnum];
/**
* Credentials represents a specific credential type
* @export
* @interface IdentityCredentials
*/
export interface IdentityCredentials {
/**
*
* @type {object}
* @memberof IdentityCredentials
*/
'config'?: object;
/**
* CreatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof IdentityCredentials
*/
'created_at'?: string;
/**
* Identifiers represents a list of unique identifiers this credential type matches.
* @type {Array<string>}
* @memberof IdentityCredentials
*/
'identifiers'?: Array<string>;
/**
* Type discriminates between different types of credentials. password CredentialsTypePassword oidc CredentialsTypeOIDC totp CredentialsTypeTOTP lookup_secret CredentialsTypeLookup webauthn CredentialsTypeWebAuthn code CredentialsTypeCodeAuth passkey CredentialsTypePasskey profile CredentialsTypeProfile saml CredentialsTypeSAML link_recovery CredentialsTypeRecoveryLink CredentialsTypeRecoveryLink is a special credential type linked to the link strategy (recovery flow). It is not used within the credentials object itself. code_recovery CredentialsTypeRecoveryCode
* @type {string}
* @memberof IdentityCredentials
*/
'type'?: IdentityCredentialsTypeEnum;
/**
* UpdatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof IdentityCredentials
*/
'updated_at'?: string;
/**
* Version refers to the version of the credential. Useful when changing the config schema.
* @type {number}
* @memberof IdentityCredentials
*/
'version'?: number;
}
export const IdentityCredentialsTypeEnum = {
Password: 'password',
Oidc: 'oidc',
Totp: 'totp',
LookupSecret: 'lookup_secret',
Webauthn: 'webauthn',
Code: 'code',
Passkey: 'passkey',
Profile: 'profile',
Saml: 'saml',
LinkRecovery: 'link_recovery',
CodeRecovery: 'code_recovery'
} as const;
export type IdentityCredentialsTypeEnum = typeof IdentityCredentialsTypeEnum[keyof typeof IdentityCredentialsTypeEnum];
/**
* CredentialsCode represents a one time login/registration code
* @export
* @interface IdentityCredentialsCode
*/
export interface IdentityCredentialsCode {
/**
*
* @type {Array<IdentityCredentialsCodeAddress>}
* @memberof IdentityCredentialsCode
*/
'addresses'?: Array<IdentityCredentialsCodeAddress>;
}
/**
*
* @export
* @interface IdentityCredentialsCodeAddress
*/
export interface IdentityCredentialsCodeAddress {
/**
* The address for this code
* @type {string}
* @memberof IdentityCredentialsCodeAddress
*/
'address'?: string;
/**
*
* @type {string}
* @memberof IdentityCredentialsCodeAddress
*/
'channel'?: string;
}
/**
*
* @export
* @interface IdentityCredentialsOidc
*/
export interface IdentityCredentialsOidc {
/**
*
* @type {Array<IdentityCredentialsOidcProvider>}
* @memberof IdentityCredentialsOidc
*/
'providers'?: Array<IdentityCredentialsOidcProvider>;
}
/**
*
* @export
* @interface IdentityCredentialsOidcProvider
*/
export interface IdentityCredentialsOidcProvider {
/**
*
* @type {string}
* @memberof IdentityCredentialsOidcProvider
*/
'initial_access_token'?: string;
/**
*
* @type {string}
* @memberof IdentityCredentialsOidcProvider
*/
'initial_id_token'?: string;
/**
*
* @type {string}
* @memberof IdentityCredentialsOidcProvider
*/
'initial_refresh_token'?: string;
/**
*
* @type {string}
* @memberof IdentityCredentialsOidcProvider
*/
'organization'?: string;
/**
*
* @type {string}
* @memberof IdentityCredentialsOidcProvider
*/
'provider'?: string;
/**
*
* @type {string}
* @memberof IdentityCredentialsOidcProvider
*/
'subject'?: string;
/**
*
* @type {boolean}
* @memberof IdentityCredentialsOidcProvider
*/
'use_auto_link'?: boolean;
}
/**
*
* @export
* @interface IdentityCredentialsPassword
*/
export interface IdentityCredentialsPassword {
/**
* HashedPassword is a hash-representation of the password.
* @type {string}
* @memberof IdentityCredentialsPassword
*/
'hashed_password'?: string;
/**
* UsePasswordMigrationHook is set to true if the password should be migrated using the password migration hook. If set, and the HashedPassword is empty, a webhook will be called during login to migrate the password.
* @type {boolean}
* @memberof IdentityCredentialsPassword
*/
'use_password_migration_hook'?: boolean;
}
/**
* Payload for patching an identity
* @export
* @interface IdentityPatch
*/
export interface IdentityPatch {
/**
*
* @type {CreateIdentityBody}
* @memberof IdentityPatch
*/
'create'?: CreateIdentityBody;
/**
* The ID of this patch. The patch ID is optional. If specified, the ID will be returned in the response, so consumers of this API can correlate the response with the patch.
* @type {string}
* @memberof IdentityPatch
*/
'patch_id'?: string;
}
/**
* Response for a single identity patch
* @export
* @interface IdentityPatchResponse
*/
export interface IdentityPatchResponse {
/**
* The action for this specific patch create ActionCreate Create this identity. error ActionError Error indicates that the patch failed.
* @type {string}
* @memberof IdentityPatchResponse
*/
'action'?: IdentityPatchResponseActionEnum;
/**
*
* @type {any}
* @memberof IdentityPatchResponse
*/
'error'?: any;
/**
* The identity ID payload of this patch
* @type {string}
* @memberof IdentityPatchResponse
*/
'identity'?: string;
/**
* The ID of this patch response, if an ID was specified in the patch.
* @type {string}
* @memberof IdentityPatchResponse
*/
'patch_id'?: string;
}
export const IdentityPatchResponseActionEnum = {
Create: 'create',
Error: 'error'
} as const;
export type IdentityPatchResponseActionEnum = typeof IdentityPatchResponseActionEnum[keyof typeof IdentityPatchResponseActionEnum];
/**
* An Identity JSON Schema Container
* @export
* @interface IdentitySchemaContainer
*/
export interface IdentitySchemaContainer {
/**
* The ID of the Identity JSON Schema
* @type {string}
* @memberof IdentitySchemaContainer
*/
'id'?: string;
/**
* The actual Identity JSON Schema
* @type {object}
* @memberof IdentitySchemaContainer
*/
'schema'?: object;
}
/**
* Create Identity and Import Credentials
* @export
* @interface IdentityWithCredentials
*/
export interface IdentityWithCredentials {
/**
*
* @type {IdentityWithCredentialsOidc}
* @memberof IdentityWithCredentials
*/
'oidc'?: IdentityWithCredentialsOidc;
/**
*
* @type {IdentityWithCredentialsPassword}
* @memberof IdentityWithCredentials
*/
'password'?: IdentityWithCredentialsPassword;
}
/**
* Create Identity and Import Social Sign In Credentials
* @export
* @interface IdentityWithCredentialsOidc
*/
export interface IdentityWithCredentialsOidc {
/**
*
* @type {IdentityWithCredentialsOidcConfig}
* @memberof IdentityWithCredentialsOidc
*/
'config'?: IdentityWithCredentialsOidcConfig;
}
/**
*
* @export
* @interface IdentityWithCredentialsOidcConfig
*/
export interface IdentityWithCredentialsOidcConfig {
/**
*
* @type {IdentityWithCredentialsPasswordConfig}
* @memberof IdentityWithCredentialsOidcConfig
*/
'config'?: IdentityWithCredentialsPasswordConfig;
/**
* A list of OpenID Connect Providers
* @type {Array<IdentityWithCredentialsOidcConfigProvider>}
* @memberof IdentityWithCredentialsOidcConfig
*/
'providers'?: Array<IdentityWithCredentialsOidcConfigProvider>;
}
/**
* Create Identity and Import Social Sign In Credentials Configuration
* @export
* @interface IdentityWithCredentialsOidcConfigProvider
*/
export interface IdentityWithCredentialsOidcConfigProvider {
/**
* The OpenID Connect provider to link the subject to. Usually something like `google` or `github`.
* @type {string}
* @memberof IdentityWithCredentialsOidcConfigProvider
*/
'provider': string;
/**
* The subject (`sub`) of the OpenID Connect connection. Usually the `sub` field of the ID Token.
* @type {string}
* @memberof IdentityWithCredentialsOidcConfigProvider
*/
'subject': string;
/**
* If set, this credential allows the user to sign in using the OpenID Connect provider without setting the subject first.
* @type {boolean}
* @memberof IdentityWithCredentialsOidcConfigProvider
*/
'use_auto_link'?: boolean;
}
/**
* Create Identity and Import Password Credentials
* @export
* @interface IdentityWithCredentialsPassword
*/
export interface IdentityWithCredentialsPassword {
/**
*
* @type {IdentityWithCredentialsPasswordConfig}
* @memberof IdentityWithCredentialsPassword
*/
'config'?: IdentityWithCredentialsPasswordConfig;
}
/**
* Create Identity and Import Password Credentials Configuration
* @export
* @interface IdentityWithCredentialsPasswordConfig
*/
export interface IdentityWithCredentialsPasswordConfig {
/**
* The hashed password in [PHC format](https://www.ory.sh/docs/kratos/manage-identities/import-user-accounts-identities#hashed-passwords)
* @type {string}
* @memberof IdentityWithCredentialsPasswordConfig
*/
'hashed_password'?: string;
/**
* The password in plain text if no hash is available.
* @type {string}
* @memberof IdentityWithCredentialsPasswordConfig
*/
'password'?: string;
/**
* If set to true, the password will be migrated using the password migration hook.
* @type {boolean}
* @memberof IdentityWithCredentialsPasswordConfig
*/
'use_password_migration_hook'?: boolean;
}
/**
*
* @export
* @interface IsAlive200Response
*/
export interface IsAlive200Response {
/**
* Always \"ok\".
* @type {string}
* @memberof IsAlive200Response
*/
'status': string;
}
/**
*
* @export
* @interface IsReady503Response
*/
export interface IsReady503Response {
/**
* Errors contains a list of errors that caused the not ready status.
* @type {{ [key: string]: string; }}
* @memberof IsReady503Response
*/
'errors': { [key: string]: string; };
}
/**
* A JSONPatch document as defined by RFC 6902
* @export
* @interface JsonPatch
*/
export interface JsonPatch {
/**
* This field is used together with operation \"move\" and uses JSON Pointer notation. Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5).
* @type {string}
* @memberof JsonPatch
*/
'from'?: string;
/**
* The operation to be performed. One of \"add\", \"remove\", \"replace\", \"move\", \"copy\", or \"test\".
* @type {string}
* @memberof JsonPatch
*/
'op': string;
/**
* The path to the target path. Uses JSON pointer notation. Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5).
* @type {string}
* @memberof JsonPatch
*/
'path': string;
/**
* The value to be used within the operations. Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5).
* @type {any}
* @memberof JsonPatch
*/
'value'?: any;
}
/**
* This object represents a login flow. A login flow is initiated at the \"Initiate Login API / Browser Flow\" endpoint by a client. Once a login flow is completed successfully, a session cookie or session token will be issued.
* @export
* @interface LoginFlow
*/
export interface LoginFlow {
/**
* The active login method If set contains the login method used. If the flow is new, it is unset. password CredentialsTypePassword oidc CredentialsTypeOIDC totp CredentialsTypeTOTP lookup_secret CredentialsTypeLookup webauthn CredentialsTypeWebAuthn code CredentialsTypeCodeAuth passkey CredentialsTypePasskey profile CredentialsTypeProfile saml CredentialsTypeSAML link_recovery CredentialsTypeRecoveryLink CredentialsTypeRecoveryLink is a special credential type linked to the link strategy (recovery flow). It is not used within the credentials object itself. code_recovery CredentialsTypeRecoveryCode
* @type {string}
* @memberof LoginFlow
*/
'active'?: LoginFlowActiveEnum;
/**
* CreatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof LoginFlow
*/
'created_at'?: string;
/**
* ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to log in, a new flow has to be initiated.
* @type {string}
* @memberof LoginFlow
*/
'expires_at': string;
/**
* ID represents the flow\'s unique ID. When performing the login flow, this represents the id in the login UI\'s query parameter: http://<selfservice.flows.login.ui_url>/?flow=<flow_id>
* @type {string}
* @memberof LoginFlow
*/
'id': string;
/**
* IssuedAt is the time (UTC) when the flow started.
* @type {string}
* @memberof LoginFlow
*/
'issued_at': string;
/**
* Ory OAuth 2.0 Login Challenge. This value is set using the `login_challenge` query parameter of the registration and login endpoints. If set will cooperate with Ory OAuth2 and OpenID to act as an OAuth2 server / OpenID Provider.
* @type {string}
* @memberof LoginFlow
*/
'oauth2_login_challenge'?: string;
/**
*
* @type {OAuth2LoginRequest}
* @memberof LoginFlow
*/
'oauth2_login_request'?: OAuth2LoginRequest;
/**
*
* @type {string}
* @memberof LoginFlow
*/
'organization_id'?: string | null;
/**
* Refresh stores whether this login flow should enforce re-authentication.
* @type {boolean}
* @memberof LoginFlow
*/
'refresh'?: boolean;
/**
* RequestURL is the initial URL that was requested from Ory Kratos. It can be used to forward information contained in the URL\'s path or query for example.
* @type {string}
* @memberof LoginFlow
*/
'request_url': string;
/**
*
* @type {AuthenticatorAssuranceLevel}
* @memberof LoginFlow
*/
'requested_aal'?: AuthenticatorAssuranceLevel;
/**
* ReturnTo contains the requested return_to URL.
* @type {string}
* @memberof LoginFlow
*/
'return_to'?: string;
/**
* SessionTokenExchangeCode holds the secret code that the client can use to retrieve a session token after the login flow has been completed. This is only set if the client has requested a session token exchange code, and if the flow is of type \"api\", and only on creating the login flow.
* @type {string}
* @memberof LoginFlow
*/
'session_token_exchange_code'?: string;
/**
* State represents the state of this request: choose_method: ask the user to choose a method to sign in with sent_email: the email has been sent to the user passed_challenge: the request was successful and the login challenge was passed.
* @type {any}
* @memberof LoginFlow
*/
'state': any;
/**
* TransientPayload is used to pass data from the login to hooks and email templates
* @type {object}
* @memberof LoginFlow
*/
'transient_payload'?: object;
/**
* The flow type can either be `api` or `browser`.
* @type {string}
* @memberof LoginFlow
*/
'type': string;
/**
*
* @type {UiContainer}
* @memberof LoginFlow
*/
'ui': UiContainer;
/**
* UpdatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof LoginFlow
*/
'updated_at'?: string;
}
export const LoginFlowActiveEnum = {
Password: 'password',
Oidc: 'oidc',
Totp: 'totp',
LookupSecret: 'lookup_secret',
Webauthn: 'webauthn',
Code: 'code',
Passkey: 'passkey',
Profile: 'profile',
Saml: 'saml',
LinkRecovery: 'link_recovery',
CodeRecovery: 'code_recovery'
} as const;
export type LoginFlowActiveEnum = typeof LoginFlowActiveEnum[keyof typeof LoginFlowActiveEnum];
/**
* The experimental state represents the state of a login flow. This field is EXPERIMENTAL and subject to change!
* @export
* @enum {string}
*/
export const LoginFlowState = {
ChooseMethod: 'choose_method',
SentEmail: 'sent_email',
PassedChallenge: 'passed_challenge'
} as const;
export type LoginFlowState = typeof LoginFlowState[keyof typeof LoginFlowState];
/**
* Logout Flow
* @export
* @interface LogoutFlow
*/
export interface LogoutFlow {
/**
* LogoutToken can be used to perform logout using AJAX.
* @type {string}
* @memberof LogoutFlow
*/
'logout_token': string;
/**
* LogoutURL can be opened in a browser to sign the user out. format: uri
* @type {string}
* @memberof LogoutFlow
*/
'logout_url': string;
}
/**
*
* @export
* @interface Message
*/
export interface Message {
/**
*
* @type {string}
* @memberof Message
*/
'body': string;
/**
*
* @type {string}
* @memberof Message
*/
'channel'?: string;
/**
* CreatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof Message
*/
'created_at': string;
/**
* Dispatches store information about the attempts of delivering a message May contain an error if any happened, or just the `success` state.
* @type {Array<MessageDispatch>}
* @memberof Message
*/
'dispatches'?: Array<MessageDispatch>;
/**
*
* @type {string}
* @memberof Message
*/
'id': string;
/**
*
* @type {string}
* @memberof Message
*/
'recipient': string;
/**
*
* @type {number}
* @memberof Message
*/
'send_count': number;
/**
*
* @type {CourierMessageStatus}
* @memberof Message
*/
'status': CourierMessageStatus;
/**
*
* @type {string}
* @memberof Message
*/
'subject': string;
/**
* recovery_invalid TypeRecoveryInvalid recovery_valid TypeRecoveryValid recovery_code_invalid TypeRecoveryCodeInvalid recovery_code_valid TypeRecoveryCodeValid verification_invalid TypeVerificationInvalid verification_valid TypeVerificationValid verification_code_invalid TypeVerificationCodeInvalid verification_code_valid TypeVerificationCodeValid stub TypeTestStub login_code_valid TypeLoginCodeValid registration_code_valid TypeRegistrationCodeValid
* @type {string}
* @memberof Message
*/
'template_type': MessageTemplateTypeEnum;
/**
*
* @type {CourierMessageType}
* @memberof Message
*/
'type': CourierMessageType;
/**
* UpdatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof Message
*/
'updated_at': string;
}
export const MessageTemplateTypeEnum = {
RecoveryInvalid: 'recovery_invalid',
RecoveryValid: 'recovery_valid',
RecoveryCodeInvalid: 'recovery_code_invalid',
RecoveryCodeValid: 'recovery_code_valid',
VerificationInvalid: 'verification_invalid',
VerificationValid: 'verification_valid',
VerificationCodeInvalid: 'verification_code_invalid',
VerificationCodeValid: 'verification_code_valid',
Stub: 'stub',
LoginCodeValid: 'login_code_valid',
RegistrationCodeValid: 'registration_code_valid'
} as const;
export type MessageTemplateTypeEnum = typeof MessageTemplateTypeEnum[keyof typeof MessageTemplateTypeEnum];
/**
* MessageDispatch represents an attempt of sending a courier message It contains the status of the attempt (failed or successful) and the error if any occured
* @export
* @interface MessageDispatch
*/
export interface MessageDispatch {
/**
* CreatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof MessageDispatch
*/
'created_at': string;
/**
*
* @type {object}
* @memberof MessageDispatch
*/
'error'?: object;
/**
* The ID of this message dispatch
* @type {string}
* @memberof MessageDispatch
*/
'id': string;
/**
* The ID of the message being dispatched
* @type {string}
* @memberof MessageDispatch
*/
'message_id': string;
/**
* The status of this dispatch Either \"failed\" or \"success\" failed CourierMessageDispatchStatusFailed success CourierMessageDispatchStatusSuccess
* @type {string}
* @memberof MessageDispatch
*/
'status': MessageDispatchStatusEnum;
/**
* UpdatedAt is a helper struct field for gobuffalo.pop.
* @type {string}
* @memberof MessageDispatch
*/
'updated_at': string;
}
export const MessageDispatchStatusEnum = {
Failed: 'failed',
Success: 'success'
} as const;
export type MessageDispatchStatusEnum = typeof MessageDispatchStatusEnum[keyof typeof MessageDispatchStatusEnum];
/**
*
* @export
* @interface NeedsPrivilegedSessionError
*/
export interface NeedsPrivilegedSessionError {
/**
*
* @type {GenericError}
* @memberof NeedsPrivilegedSessionError
*/
'error'?: GenericError;
/**
* Points to where to redirect the user to next.
* @type {string}
* @memberof NeedsPrivilegedSessionError
*/
'redirect_browser_to': string;
}
/**
*
* @export
* @interface OAuth2Client
*/
export interface OAuth2Client {
/**
* OAuth 2.0 Access Token Strategy AccessTokenStrategy is the strategy used to generate access tokens. Valid options are `jwt` and `opaque`. `jwt` is a bad idea, see https://www.ory.sh/docs/hydra/advanced#json-web-tokens Setting the stragegy here overrides the global setting in `strategies.access_token`.
* @type {string}
* @memberof OAuth2Client
*/
'access_token_strategy'?: string;
/**
*
* @type {Array<string>}
* @memberof OAuth2Client
*/
'allowed_cors_origins'?: Array<string>;
/**
*
* @type {Array<string>}
* @memberof OAuth2Client
*/
'audience'?: Array<string>;
/**
* Specify a time duration in milliseconds, seconds, minutes, hours.
* @type {string}
* @memberof OAuth2Client
*/
'authorization_code_grant_access_token_lifespan'?: string;
/**
* Specify a time duration in milliseconds, seconds, minutes, hours.
* @type {string}
* @memberof OAuth2Client
*/
'authorization_code_grant_id_token_lifespan'?: string;
/**
* Specify a time duration in milliseconds, seconds, minutes, hours.
* @type {string}
* @memberof OAuth2Client
*/
'authorization_code_grant_refresh_token_lifespan'?: string;
/**
* OpenID Connect Back-Channel Logout Session Required Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout Token to identify the RP session with the OP when the backchannel_logout_uri is used. If omitted, the default value is false.
* @type {boolean}
* @memberof OAuth2Client
*/
'backchannel_logout_session_required'?: boolean;
/**
* OpenID Connect Back-Channel Logout URI RP URL that will cause the RP to log itself out when sent a Logout Token by the OP.
* @type {string}
* @memberof OAuth2Client
*/
'backchannel_logout_uri'?: string;
/**
* Specify a time duration in milliseconds, seconds, minutes, hours.
* @type {string}
* @memberof OAuth2Client
*/
'client_credentials_grant_access_token_lifespan'?: string;
/**
* OAuth 2.0 Client ID The ID is immutable. If no ID is provided, a UUID4 will be generated.
* @type {string}
* @memberof OAuth2Client
*/
'client_id'?: string;
/**
* OAuth 2.0 Client Name The human-readable name of the client to be presented to the end-user during authorization.
* @type {string}
* @memberof OAuth2Client
*/
'client_name'?: string;
/**
* OAuth 2.0 Client Secret The secret will be included in the create request as cleartext, and then never again. The secret is kept in hashed format and is not recoverable once lost.
* @type {string}
* @memberof OAuth2Client
*/
'client_secret'?: string;
/**
* OAuth 2.0 Client Secret Expires At The field is currently not supported and its value is always 0.
* @type {number}
* @memberof OAuth2Client
*/
'client_secret_expires_at'?: number;
/**
* OAuth 2.0 Client URI ClientURI is a URL string of a web page providing information about the client. If present, the server SHOULD display this URL to the end-user in a clickable fashion.
* @type {string}
* @memberof OAuth2Client
*/
'client_uri'?: string;
/**
*
* @type {Array<string>}
* @memberof OAuth2Client
*/
'contacts'?: Array<string>;
/**
* OAuth 2.0 Client Creation Date CreatedAt returns the timestamp of the client\'s creation.
* @type {string}
* @memberof OAuth2Client
*/
'created_at'?: string;
/**
* OpenID Connect Front-Channel Logout Session Required Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query parameters be included to identify the RP session with the OP when the frontchannel_logout_uri is used. If omitted, the default value is false.
* @type {boolean}
* @memberof OAuth2Client
*/
'frontchannel_logout_session_required'?: boolean;
/**
* OpenID Connect Front-Channel Logout URI RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. An iss (issuer) query parameter and a sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the request and to determine which of the potentially multiple sessions is to be logged out; if either is included, both MUST be.
* @type {string}
* @memberof OAuth2Client
*/
'frontchannel_logout_uri'?: string;
/**
*
* @type {Array<string>}
* @memberof OAuth2Client
*/
'grant_types'?: Array<string>;