authentik-api 2025.12.4 → 2026.2.2.rc1

data/lib/authentik/api/api/rbac_api.rb

@@ -576,7 +576,7 @@ module Authentik::Api
         fail ArgumentError, "Missing the required parameter 'model' when calling RbacApi.rbac_permissions_assigned_by_roles_list"
       end
       # verify enum value
-      allowable_values = ["authentik_blueprints.blueprintinstance", "authentik_brands.brand", "authentik_core.application", "authentik_core.applicationentitlement", "authentik_core.group", "authentik_core.token", "authentik_core.user", "authentik_crypto.certificatekeypair", "authentik_endpoints.deviceaccessgroup", "authentik_endpoints.deviceuserbinding", "authentik_endpoints.endpointstage", "authentik_endpoints_connectors_agent.agentconnector", "authentik_endpoints_connectors_agent.agentdeviceuserbinding", "authentik_endpoints_connectors_agent.enrollmenttoken", "authentik_enterprise.license", "authentik_events.event", "authentik_events.notification", "authentik_events.notificationrule", "authentik_events.notificationtransport", "authentik_events.notificationwebhookmapping", "authentik_flows.flow", "authentik_flows.flowstagebinding", "authentik_outposts.dockerserviceconnection", "authentik_outposts.kubernetesserviceconnection", "authentik_outposts.outpost", "authentik_policies.policybinding", "authentik_policies_dummy.dummypolicy", "authentik_policies_event_matcher.eventmatcherpolicy", "authentik_policies_expiry.passwordexpirypolicy", "authentik_policies_expression.expressionpolicy", "authentik_policies_geoip.geoippolicy", "authentik_policies_password.passwordpolicy", "authentik_policies_reputation.reputationpolicy", "authentik_policies_unique_password.uniquepasswordpolicy", "authentik_providers_google_workspace.googleworkspaceprovider", "authentik_providers_google_workspace.googleworkspaceprovidermapping", "authentik_providers_ldap.ldapprovider", "authentik_providers_microsoft_entra.microsoftentraprovider", "authentik_providers_microsoft_entra.microsoftentraprovidermapping", "authentik_providers_oauth2.oauth2provider", "authentik_providers_oauth2.scopemapping", "authentik_providers_proxy.proxyprovider", "authentik_providers_rac.endpoint", "authentik_providers_rac.racpropertymapping", "authentik_providers_rac.racprovider", "authentik_providers_radius.radiusprovider", "authentik_providers_radius.radiusproviderpropertymapping", "authentik_providers_saml.samlpropertymapping", "authentik_providers_saml.samlprovider", "authentik_providers_scim.scimmapping", "authentik_providers_scim.scimprovider", "authentik_providers_ssf.ssfprovider", "authentik_rbac.initialpermissions", "authentik_rbac.role", "authentik_reports.dataexport", "authentik_sources_kerberos.groupkerberossourceconnection", "authentik_sources_kerberos.kerberossource", "authentik_sources_kerberos.kerberossourcepropertymapping", "authentik_sources_kerberos.userkerberossourceconnection", "authentik_sources_ldap.groupldapsourceconnection", "authentik_sources_ldap.ldapsource", "authentik_sources_ldap.ldapsourcepropertymapping", "authentik_sources_ldap.userldapsourceconnection", "authentik_sources_oauth.groupoauthsourceconnection", "authentik_sources_oauth.oauthsource", "authentik_sources_oauth.oauthsourcepropertymapping", "authentik_sources_oauth.useroauthsourceconnection", "authentik_sources_plex.groupplexsourceconnection", "authentik_sources_plex.plexsource", "authentik_sources_plex.plexsourcepropertymapping", "authentik_sources_plex.userplexsourceconnection", "authentik_sources_saml.groupsamlsourceconnection", "authentik_sources_saml.samlsource", "authentik_sources_saml.samlsourcepropertymapping", "authentik_sources_saml.usersamlsourceconnection", "authentik_sources_scim.scimsource", "authentik_sources_scim.scimsourcepropertymapping", "authentik_sources_telegram.grouptelegramsourceconnection", "authentik_sources_telegram.telegramsource", "authentik_sources_telegram.telegramsourcepropertymapping", "authentik_sources_telegram.usertelegramsourceconnection", "authentik_stages_authenticator_duo.authenticatorduostage", "authentik_stages_authenticator_duo.duodevice", "authentik_stages_authenticator_email.authenticatoremailstage", "authentik_stages_authenticator_email.emaildevice", "authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage", "authentik_stages_authenticator_sms.authenticatorsmsstage", "authentik_stages_authenticator_sms.smsdevice", "authentik_stages_authenticator_static.authenticatorstaticstage", "authentik_stages_authenticator_static.staticdevice", "authentik_stages_authenticator_totp.authenticatortotpstage", "authentik_stages_authenticator_totp.totpdevice", "authentik_stages_authenticator_validate.authenticatorvalidatestage", "authentik_stages_authenticator_webauthn.authenticatorwebauthnstage", "authentik_stages_authenticator_webauthn.webauthndevice", "authentik_stages_captcha.captchastage", "authentik_stages_consent.consentstage", "authentik_stages_deny.denystage", "authentik_stages_dummy.dummystage", "authentik_stages_email.emailstage", "authentik_stages_identification.identificationstage", "authentik_stages_invitation.invitation", "authentik_stages_invitation.invitationstage", "authentik_stages_mtls.mutualtlsstage", "authentik_stages_password.passwordstage", "authentik_stages_prompt.prompt", "authentik_stages_prompt.promptstage", "authentik_stages_redirect.redirectstage", "authentik_stages_source.sourcestage", "authentik_stages_user_delete.userdeletestage", "authentik_stages_user_login.userloginstage", "authentik_stages_user_logout.userlogoutstage", "authentik_stages_user_write.userwritestage", "authentik_tasks_schedules.schedule", "authentik_tenants.domain"]
+      allowable_values = ["authentik_blueprints.blueprintinstance", "authentik_brands.brand", "authentik_core.application", "authentik_core.applicationentitlement", "authentik_core.group", "authentik_core.token", "authentik_core.user", "authentik_crypto.certificatekeypair", "authentik_endpoints.deviceaccessgroup", "authentik_endpoints.deviceuserbinding", "authentik_endpoints.endpointstage", "authentik_endpoints_connectors_agent.agentconnector", "authentik_endpoints_connectors_agent.agentdeviceuserbinding", "authentik_endpoints_connectors_agent.enrollmenttoken", "authentik_endpoints_connectors_fleet.fleetconnector", "authentik_enterprise.license", "authentik_events.event", "authentik_events.notification", "authentik_events.notificationrule", "authentik_events.notificationtransport", "authentik_events.notificationwebhookmapping", "authentik_flows.flow", "authentik_flows.flowstagebinding", "authentik_lifecycle.lifecycleiteration", "authentik_lifecycle.lifecyclerule", "authentik_lifecycle.review", "authentik_outposts.dockerserviceconnection", "authentik_outposts.kubernetesserviceconnection", "authentik_outposts.outpost", "authentik_policies.policybinding", "authentik_policies_dummy.dummypolicy", "authentik_policies_event_matcher.eventmatcherpolicy", "authentik_policies_expiry.passwordexpirypolicy", "authentik_policies_expression.expressionpolicy", "authentik_policies_geoip.geoippolicy", "authentik_policies_password.passwordpolicy", "authentik_policies_reputation.reputationpolicy", "authentik_policies_unique_password.uniquepasswordpolicy", "authentik_providers_google_workspace.googleworkspaceprovider", "authentik_providers_google_workspace.googleworkspaceprovidermapping", "authentik_providers_ldap.ldapprovider", "authentik_providers_microsoft_entra.microsoftentraprovider", "authentik_providers_microsoft_entra.microsoftentraprovidermapping", "authentik_providers_oauth2.oauth2provider", "authentik_providers_oauth2.scopemapping", "authentik_providers_proxy.proxyprovider", "authentik_providers_rac.endpoint", "authentik_providers_rac.racpropertymapping", "authentik_providers_rac.racprovider", "authentik_providers_radius.radiusprovider", "authentik_providers_radius.radiusproviderpropertymapping", "authentik_providers_saml.samlpropertymapping", "authentik_providers_saml.samlprovider", "authentik_providers_scim.scimmapping", "authentik_providers_scim.scimprovider", "authentik_providers_ssf.ssfprovider", "authentik_providers_ws_federation.wsfederationprovider", "authentik_rbac.initialpermissions", "authentik_rbac.role", "authentik_reports.dataexport", "authentik_sources_kerberos.groupkerberossourceconnection", "authentik_sources_kerberos.kerberossource", "authentik_sources_kerberos.kerberossourcepropertymapping", "authentik_sources_kerberos.userkerberossourceconnection", "authentik_sources_ldap.groupldapsourceconnection", "authentik_sources_ldap.ldapsource", "authentik_sources_ldap.ldapsourcepropertymapping", "authentik_sources_ldap.userldapsourceconnection", "authentik_sources_oauth.groupoauthsourceconnection", "authentik_sources_oauth.oauthsource", "authentik_sources_oauth.oauthsourcepropertymapping", "authentik_sources_oauth.useroauthsourceconnection", "authentik_sources_plex.groupplexsourceconnection", "authentik_sources_plex.plexsource", "authentik_sources_plex.plexsourcepropertymapping", "authentik_sources_plex.userplexsourceconnection", "authentik_sources_saml.groupsamlsourceconnection", "authentik_sources_saml.samlsource", "authentik_sources_saml.samlsourcepropertymapping", "authentik_sources_saml.usersamlsourceconnection", "authentik_sources_scim.scimsource", "authentik_sources_scim.scimsourcepropertymapping", "authentik_sources_telegram.grouptelegramsourceconnection", "authentik_sources_telegram.telegramsource", "authentik_sources_telegram.telegramsourcepropertymapping", "authentik_sources_telegram.usertelegramsourceconnection", "authentik_stages_authenticator_duo.authenticatorduostage", "authentik_stages_authenticator_duo.duodevice", "authentik_stages_authenticator_email.authenticatoremailstage", "authentik_stages_authenticator_email.emaildevice", "authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage", "authentik_stages_authenticator_sms.authenticatorsmsstage", "authentik_stages_authenticator_sms.smsdevice", "authentik_stages_authenticator_static.authenticatorstaticstage", "authentik_stages_authenticator_static.staticdevice", "authentik_stages_authenticator_totp.authenticatortotpstage", "authentik_stages_authenticator_totp.totpdevice", "authentik_stages_authenticator_validate.authenticatorvalidatestage", "authentik_stages_authenticator_webauthn.authenticatorwebauthnstage", "authentik_stages_authenticator_webauthn.webauthndevice", "authentik_stages_captcha.captchastage", "authentik_stages_consent.consentstage", "authentik_stages_deny.denystage", "authentik_stages_dummy.dummystage", "authentik_stages_email.emailstage", "authentik_stages_identification.identificationstage", "authentik_stages_invitation.invitation", "authentik_stages_invitation.invitationstage", "authentik_stages_mtls.mutualtlsstage", "authentik_stages_password.passwordstage", "authentik_stages_prompt.prompt", "authentik_stages_prompt.promptstage", "authentik_stages_redirect.redirectstage", "authentik_stages_source.sourcestage", "authentik_stages_user_delete.userdeletestage", "authentik_stages_user_login.userloginstage", "authentik_stages_user_logout.userlogoutstage", "authentik_stages_user_write.userwritestage", "authentik_tasks_schedules.schedule", "authentik_tenants.domain"]
       if @api_client.config.client_side_validation && !allowable_values.include?(model)
         fail ArgumentError, "invalid value for \"model\", must be one of #{allowable_values}"
       end
@@ -704,7 +704,6 @@ module Authentik::Api
     # @option opts [Integer] :page_size Number of results to return per page.
     # @option opts [String] :role 
     # @option opts [String] :search A search term.
-    # @option opts [Integer] :user 
     # @return [PaginatedPermissionList]
     def rbac_permissions_list(opts = {})
       data, _status_code, _headers = rbac_permissions_list_with_http_info(opts)
@@ -721,7 +720,6 @@ module Authentik::Api
     # @option opts [Integer] :page_size Number of results to return per page.
     # @option opts [String] :role 
     # @option opts [String] :search A search term.
-    # @option opts [Integer] :user 
     # @return [Array<(PaginatedPermissionList, Integer, Hash)>] PaginatedPermissionList data, response status code and response headers
     def rbac_permissions_list_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -740,7 +738,6 @@ module Authentik::Api
       query_params[:'page_size'] = opts[:'page_size'] if !opts[:'page_size'].nil?
       query_params[:'role'] = opts[:'role'] if !opts[:'role'].nil?
       query_params[:'search'] = opts[:'search'] if !opts[:'search'].nil?
-      query_params[:'user'] = opts[:'user'] if !opts[:'user'].nil?
 
       # header parameters
       header_params = opts[:header_params] || {}
@@ -1108,8 +1105,8 @@ module Authentik::Api
 
     # Role viewset
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :ak_groups 
-    # @option opts [Boolean] :inherited Include inherited roles (requires users or ak_groups filter)
+    # @option opts [String] :groups 
+    # @option opts [Boolean] :inherited Include inherited roles (requires users or groups filter)
     # @option opts [Array<String>] :managed 
     # @option opts [Boolean] :managed__isnull 
     # @option opts [String] :name 
@@ -1126,8 +1123,8 @@ module Authentik::Api
 
     # Role viewset
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :ak_groups 
-    # @option opts [Boolean] :inherited Include inherited roles (requires users or ak_groups filter)
+    # @option opts [String] :groups 
+    # @option opts [Boolean] :inherited Include inherited roles (requires users or groups filter)
     # @option opts [Array<String>] :managed 
     # @option opts [Boolean] :managed__isnull 
     # @option opts [String] :name 
@@ -1146,7 +1143,7 @@ module Authentik::Api
 
       # query parameters
       query_params = opts[:query_params] || {}
-      query_params[:'ak_groups'] = opts[:'ak_groups'] if !opts[:'ak_groups'].nil?
+      query_params[:'groups'] = opts[:'groups'] if !opts[:'groups'].nil?
       query_params[:'inherited'] = opts[:'inherited'] if !opts[:'inherited'].nil?
       query_params[:'managed'] = @api_client.build_collection_param(opts[:'managed'], :multi) if !opts[:'managed'].nil?
       query_params[:'managed__isnull'] = opts[:'managed__isnull'] if !opts[:'managed__isnull'].nil?

data/lib/authentik/api/api/stages_api.rb

@@ -545,7 +545,7 @@ module Authentik::Api
       return_type = opts[:debug_return_type] || 'DuoDeviceEnrollmentStatus'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['authentik']
+      auth_names = opts[:debug_auth_names] || []
 
       new_options = opts.merge(
         :operation => :"StagesApi.stages_authenticator_duo_enrollment_status_create",

data/lib/authentik/api/models/alg_enum.rb

@@ -11,9 +11,11 @@ module Authentik::Api
   class AlgEnum
     RSA = "rsa".freeze
     ECDSA = "ecdsa".freeze
+    ED25519 = "ed25519".freeze
+    ED448 = "ed448".freeze
 
     def self.all_vars
-      @all_vars ||= [RSA, ECDSA].freeze
+      @all_vars ||= [RSA, ECDSA, ED25519, ED448].freeze
     end
 
     # Builds the enum from string

data/lib/authentik/api/models/app_enum.rb

@@ -74,12 +74,15 @@ module Authentik::Api
     AUTHENTIK_BLUEPRINTS = "authentik.blueprints".freeze
     AUTHENTIK_ENTERPRISE_AUDIT = "authentik.enterprise.audit".freeze
     AUTHENTIK_ENTERPRISE_ENDPOINTS_CONNECTORS_AGENT = "authentik.enterprise.endpoints.connectors.agent".freeze
+    AUTHENTIK_ENTERPRISE_ENDPOINTS_CONNECTORS_FLEET = "authentik.enterprise.endpoints.connectors.fleet".freeze
+    AUTHENTIK_ENTERPRISE_LIFECYCLE = "authentik.enterprise.lifecycle".freeze
     AUTHENTIK_ENTERPRISE_POLICIES_UNIQUE_PASSWORD = "authentik.enterprise.policies.unique_password".freeze
     AUTHENTIK_ENTERPRISE_PROVIDERS_GOOGLE_WORKSPACE = "authentik.enterprise.providers.google_workspace".freeze
     AUTHENTIK_ENTERPRISE_PROVIDERS_MICROSOFT_ENTRA = "authentik.enterprise.providers.microsoft_entra".freeze
     AUTHENTIK_ENTERPRISE_PROVIDERS_RADIUS = "authentik.enterprise.providers.radius".freeze
     AUTHENTIK_ENTERPRISE_PROVIDERS_SCIM = "authentik.enterprise.providers.scim".freeze
     AUTHENTIK_ENTERPRISE_PROVIDERS_SSF = "authentik.enterprise.providers.ssf".freeze
+    AUTHENTIK_ENTERPRISE_PROVIDERS_WS_FEDERATION = "authentik.enterprise.providers.ws_federation".freeze
     AUTHENTIK_ENTERPRISE_REPORTS = "authentik.enterprise.reports".freeze
     AUTHENTIK_ENTERPRISE_SEARCH = "authentik.enterprise.search".freeze
     AUTHENTIK_ENTERPRISE_STAGES_AUTHENTICATOR_ENDPOINT_GDTC = "authentik.enterprise.stages.authenticator_endpoint_gdtc".freeze
@@ -87,7 +90,7 @@ module Authentik::Api
     AUTHENTIK_ENTERPRISE_STAGES_SOURCE = "authentik.enterprise.stages.source".freeze
 
     def self.all_vars
-      @all_vars ||= [AUTHENTIK_COMMANDS, AUTHENTIK_TENANTS, AUTHENTIK_TASKS, AUTHENTIK_ADMIN, AUTHENTIK_API, AUTHENTIK_CORE, AUTHENTIK_CRYPTO, AUTHENTIK_ENDPOINTS, AUTHENTIK_ENDPOINTS_CONNECTORS_AGENT, AUTHENTIK_ENTERPRISE, AUTHENTIK_EVENTS, AUTHENTIK_ADMIN_FILES, AUTHENTIK_FLOWS, AUTHENTIK_OUTPOSTS, AUTHENTIK_POLICIES_DUMMY, AUTHENTIK_POLICIES_EVENT_MATCHER, AUTHENTIK_POLICIES_EXPIRY, AUTHENTIK_POLICIES_EXPRESSION, AUTHENTIK_POLICIES_GEOIP, AUTHENTIK_POLICIES_PASSWORD, AUTHENTIK_POLICIES_REPUTATION, AUTHENTIK_POLICIES, AUTHENTIK_PROVIDERS_LDAP, AUTHENTIK_PROVIDERS_OAUTH2, AUTHENTIK_PROVIDERS_PROXY, AUTHENTIK_PROVIDERS_RAC, AUTHENTIK_PROVIDERS_RADIUS, AUTHENTIK_PROVIDERS_SAML, AUTHENTIK_PROVIDERS_SCIM, AUTHENTIK_RBAC, AUTHENTIK_RECOVERY, AUTHENTIK_SOURCES_KERBEROS, AUTHENTIK_SOURCES_LDAP, AUTHENTIK_SOURCES_OAUTH, AUTHENTIK_SOURCES_PLEX, AUTHENTIK_SOURCES_SAML, AUTHENTIK_SOURCES_SCIM, AUTHENTIK_SOURCES_TELEGRAM, AUTHENTIK_STAGES_AUTHENTICATOR, AUTHENTIK_STAGES_AUTHENTICATOR_DUO, AUTHENTIK_STAGES_AUTHENTICATOR_EMAIL, AUTHENTIK_STAGES_AUTHENTICATOR_SMS, AUTHENTIK_STAGES_AUTHENTICATOR_STATIC, AUTHENTIK_STAGES_AUTHENTICATOR_TOTP, AUTHENTIK_STAGES_AUTHENTICATOR_VALIDATE, AUTHENTIK_STAGES_AUTHENTICATOR_WEBAUTHN, AUTHENTIK_STAGES_CAPTCHA, AUTHENTIK_STAGES_CONSENT, AUTHENTIK_STAGES_DENY, AUTHENTIK_STAGES_DUMMY, AUTHENTIK_STAGES_EMAIL, AUTHENTIK_STAGES_IDENTIFICATION, AUTHENTIK_STAGES_INVITATION, AUTHENTIK_STAGES_PASSWORD, AUTHENTIK_STAGES_PROMPT, AUTHENTIK_STAGES_REDIRECT, AUTHENTIK_STAGES_USER_DELETE, AUTHENTIK_STAGES_USER_LOGIN, AUTHENTIK_STAGES_USER_LOGOUT, AUTHENTIK_STAGES_USER_WRITE, AUTHENTIK_TASKS_SCHEDULES, AUTHENTIK_BRANDS, AUTHENTIK_BLUEPRINTS, AUTHENTIK_ENTERPRISE_AUDIT, AUTHENTIK_ENTERPRISE_ENDPOINTS_CONNECTORS_AGENT, AUTHENTIK_ENTERPRISE_POLICIES_UNIQUE_PASSWORD, AUTHENTIK_ENTERPRISE_PROVIDERS_GOOGLE_WORKSPACE, AUTHENTIK_ENTERPRISE_PROVIDERS_MICROSOFT_ENTRA, AUTHENTIK_ENTERPRISE_PROVIDERS_RADIUS, AUTHENTIK_ENTERPRISE_PROVIDERS_SCIM, AUTHENTIK_ENTERPRISE_PROVIDERS_SSF, AUTHENTIK_ENTERPRISE_REPORTS, AUTHENTIK_ENTERPRISE_SEARCH, AUTHENTIK_ENTERPRISE_STAGES_AUTHENTICATOR_ENDPOINT_GDTC, AUTHENTIK_ENTERPRISE_STAGES_MTLS, AUTHENTIK_ENTERPRISE_STAGES_SOURCE].freeze
+      @all_vars ||= [AUTHENTIK_COMMANDS, AUTHENTIK_TENANTS, AUTHENTIK_TASKS, AUTHENTIK_ADMIN, AUTHENTIK_API, AUTHENTIK_CORE, AUTHENTIK_CRYPTO, AUTHENTIK_ENDPOINTS, AUTHENTIK_ENDPOINTS_CONNECTORS_AGENT, AUTHENTIK_ENTERPRISE, AUTHENTIK_EVENTS, AUTHENTIK_ADMIN_FILES, AUTHENTIK_FLOWS, AUTHENTIK_OUTPOSTS, AUTHENTIK_POLICIES_DUMMY, AUTHENTIK_POLICIES_EVENT_MATCHER, AUTHENTIK_POLICIES_EXPIRY, AUTHENTIK_POLICIES_EXPRESSION, AUTHENTIK_POLICIES_GEOIP, AUTHENTIK_POLICIES_PASSWORD, AUTHENTIK_POLICIES_REPUTATION, AUTHENTIK_POLICIES, AUTHENTIK_PROVIDERS_LDAP, AUTHENTIK_PROVIDERS_OAUTH2, AUTHENTIK_PROVIDERS_PROXY, AUTHENTIK_PROVIDERS_RAC, AUTHENTIK_PROVIDERS_RADIUS, AUTHENTIK_PROVIDERS_SAML, AUTHENTIK_PROVIDERS_SCIM, AUTHENTIK_RBAC, AUTHENTIK_RECOVERY, AUTHENTIK_SOURCES_KERBEROS, AUTHENTIK_SOURCES_LDAP, AUTHENTIK_SOURCES_OAUTH, AUTHENTIK_SOURCES_PLEX, AUTHENTIK_SOURCES_SAML, AUTHENTIK_SOURCES_SCIM, AUTHENTIK_SOURCES_TELEGRAM, AUTHENTIK_STAGES_AUTHENTICATOR, AUTHENTIK_STAGES_AUTHENTICATOR_DUO, AUTHENTIK_STAGES_AUTHENTICATOR_EMAIL, AUTHENTIK_STAGES_AUTHENTICATOR_SMS, AUTHENTIK_STAGES_AUTHENTICATOR_STATIC, AUTHENTIK_STAGES_AUTHENTICATOR_TOTP, AUTHENTIK_STAGES_AUTHENTICATOR_VALIDATE, AUTHENTIK_STAGES_AUTHENTICATOR_WEBAUTHN, AUTHENTIK_STAGES_CAPTCHA, AUTHENTIK_STAGES_CONSENT, AUTHENTIK_STAGES_DENY, AUTHENTIK_STAGES_DUMMY, AUTHENTIK_STAGES_EMAIL, AUTHENTIK_STAGES_IDENTIFICATION, AUTHENTIK_STAGES_INVITATION, AUTHENTIK_STAGES_PASSWORD, AUTHENTIK_STAGES_PROMPT, AUTHENTIK_STAGES_REDIRECT, AUTHENTIK_STAGES_USER_DELETE, AUTHENTIK_STAGES_USER_LOGIN, AUTHENTIK_STAGES_USER_LOGOUT, AUTHENTIK_STAGES_USER_WRITE, AUTHENTIK_TASKS_SCHEDULES, AUTHENTIK_BRANDS, AUTHENTIK_BLUEPRINTS, AUTHENTIK_ENTERPRISE_AUDIT, AUTHENTIK_ENTERPRISE_ENDPOINTS_CONNECTORS_AGENT, AUTHENTIK_ENTERPRISE_ENDPOINTS_CONNECTORS_FLEET, AUTHENTIK_ENTERPRISE_LIFECYCLE, AUTHENTIK_ENTERPRISE_POLICIES_UNIQUE_PASSWORD, AUTHENTIK_ENTERPRISE_PROVIDERS_GOOGLE_WORKSPACE, AUTHENTIK_ENTERPRISE_PROVIDERS_MICROSOFT_ENTRA, AUTHENTIK_ENTERPRISE_PROVIDERS_RADIUS, AUTHENTIK_ENTERPRISE_PROVIDERS_SCIM, AUTHENTIK_ENTERPRISE_PROVIDERS_SSF, AUTHENTIK_ENTERPRISE_PROVIDERS_WS_FEDERATION, AUTHENTIK_ENTERPRISE_REPORTS, AUTHENTIK_ENTERPRISE_SEARCH, AUTHENTIK_ENTERPRISE_STAGES_AUTHENTICATOR_ENDPOINT_GDTC, AUTHENTIK_ENTERPRISE_STAGES_MTLS, AUTHENTIK_ENTERPRISE_STAGES_SOURCE].freeze
     end
 
     # Builds the enum from string

data/lib/authentik/api/models/application.rb

@@ -131,6 +131,7 @@ module Authentik::Api
     def self.openapi_nullable
       Set.new([
         :'provider',
+        :'provider_obj',
         :'launch_url',
         :'meta_icon_url',
         :'meta_icon_themed_urls',
@@ -264,10 +265,6 @@ module Authentik::Api
         invalid_properties.push("invalid value for \"slug\", must conform to the pattern #{pattern}.")
       end
 
-      if @provider_obj.nil?
-        invalid_properties.push('invalid value for "provider_obj", provider_obj cannot be nil.')
-      end
-
       if @backchannel_providers_obj.nil?
         invalid_properties.push('invalid value for "backchannel_providers_obj", backchannel_providers_obj cannot be nil.')
       end
@@ -283,7 +280,6 @@ module Authentik::Api
       return false if @name.nil?
       return false if @slug.nil?
       return false if @slug !~ Regexp.new(/^[-a-zA-Z0-9_]+$/)
-      return false if @provider_obj.nil?
       return false if @backchannel_providers_obj.nil?
       true
     end
@@ -323,16 +319,6 @@ module Authentik::Api
       @slug = slug
     end
 
-    # Custom attribute writer method with validation
-    # @param [Object] provider_obj Value to be assigned
-    def provider_obj=(provider_obj)
-      if provider_obj.nil?
-        fail ArgumentError, 'provider_obj cannot be nil'
-      end
-
-      @provider_obj = provider_obj
-    end
-
     # Custom attribute writer method with validation
     # @param [Object] backchannel_providers_obj Value to be assigned
     def backchannel_providers_obj=(backchannel_providers_obj)

data/lib/authentik/api/models/bulk_delete_session_response.rb

@@ -0,0 +1,158 @@
+=begin
+This file is automatically generated by: https://openapi-generator.tech.
+Any manual changes will be lost when the OpenAPI scheme changes.
+
+=end
+
+require 'date'
+require 'time'
+
+module Authentik::Api
+  class BulkDeleteSessionResponse < ApiModelBase
+    attr_accessor :deleted
+
+    # Attribute mapping from ruby-style variable name to JSON key.
+    def self.attribute_map
+      {
+        :'deleted' => :'deleted'
+      }
+    end
+
+    # Returns attribute mapping this model knows about
+    def self.acceptable_attribute_map
+      attribute_map
+    end
+
+    # Returns all the JSON keys this model knows about
+    def self.acceptable_attributes
+      acceptable_attribute_map.values
+    end
+
+    # Attribute type mapping.
+    def self.openapi_types
+      {
+        :'deleted' => :'Integer'
+      }
+    end
+
+    # List of attributes with nullable: true
+    def self.openapi_nullable
+      Set.new([
+      ])
+    end
+
+    # Initializes the object
+    # @param [Hash] attributes Model attributes in the form of hash
+    def initialize(attributes = {})
+      if (!attributes.is_a?(Hash))
+        fail ArgumentError, "The input argument (attributes) must be a hash in `Authentik::Api::BulkDeleteSessionResponse` initialize method"
+      end
+
+      # check to see if the attribute exists and convert string to symbol for hash key
+      acceptable_attribute_map = self.class.acceptable_attribute_map
+      attributes = attributes.each_with_object({}) { |(k, v), h|
+        if (!acceptable_attribute_map.key?(k.to_sym))
+          fail ArgumentError, "`#{k}` is not a valid attribute in `Authentik::Api::BulkDeleteSessionResponse`. Please check the name to make sure it's valid. List of attributes: " + acceptable_attribute_map.keys.inspect
+        end
+        h[k.to_sym] = v
+      }
+
+      if attributes.key?(:'deleted')
+        self.deleted = attributes[:'deleted']
+      else
+        self.deleted = nil
+      end
+    end
+
+    # Show invalid properties with the reasons. Usually used together with valid?
+    # @return Array for valid properties with the reasons
+    def list_invalid_properties
+      warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
+      invalid_properties = Array.new
+      if @deleted.nil?
+        invalid_properties.push('invalid value for "deleted", deleted cannot be nil.')
+      end
+
+      invalid_properties
+    end
+
+    # Check to see if the all the properties in the model are valid
+    # @return true if the model is valid
+    def valid?
+      warn '[DEPRECATED] the `valid?` method is obsolete'
+      return false if @deleted.nil?
+      true
+    end
+
+    # Custom attribute writer method with validation
+    # @param [Object] deleted Value to be assigned
+    def deleted=(deleted)
+      if deleted.nil?
+        fail ArgumentError, 'deleted cannot be nil'
+      end
+
+      @deleted = deleted
+    end
+
+    # Checks equality by comparing each attribute.
+    # @param [Object] Object to be compared
+    def ==(o)
+      return true if self.equal?(o)
+      self.class == o.class &&
+          deleted == o.deleted
+    end
+
+    # @see the `==` method
+    # @param [Object] Object to be compared
+    def eql?(o)
+      self == o
+    end
+
+    # Calculates hash code according to all attributes.
+    # @return [Integer] Hash code
+    def hash
+      [deleted].hash
+    end
+
+    # Builds the object from hash
+    # @param [Hash] attributes Model attributes in the form of hash
+    # @return [Object] Returns the model itself
+    def self.build_from_hash(attributes)
+      return nil unless attributes.is_a?(Hash)
+      attributes = attributes.transform_keys(&:to_sym)
+      transformed_hash = {}
+      openapi_types.each_pair do |key, type|
+        if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
+          transformed_hash["#{key}"] = nil
+        elsif type =~ /\AArray<(.*)>/i
+          # check to ensure the input is an array given that the attribute
+          # is documented as an array but the input is not
+          if attributes[attribute_map[key]].is_a?(Array)
+            transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
+          end
+        elsif !attributes[attribute_map[key]].nil?
+          transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
+        end
+      end
+      new(transformed_hash)
+    end
+
+    # Returns the object in the form of hash
+    # @return [Hash] Returns the object in the form of hash
+    def to_hash
+      hash = {}
+      self.class.attribute_map.each_pair do |attr, param|
+        value = self.send(attr)
+        if value.nil?
+          is_nullable = self.class.openapi_nullable.include?(attr)
+          next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
+        end
+
+        hash[param] = _to_hash(value)
+      end
+      hash
+    end
+
+  end
+
+end

data/lib/authentik/api/models/certificate_key_pair.rb

@@ -14,21 +14,22 @@ module Authentik::Api
 
     attr_accessor :name
 
-    # Get certificate Hash (SHA256)
+    # SHA256 fingerprint of the certificate
     attr_accessor :fingerprint_sha256
 
-    # Get certificate Hash (SHA1)
+    # SHA1 fingerprint of the certificate
     attr_accessor :fingerprint_sha1
 
-    # Get certificate expiry
+    # Certificate expiry date
     attr_accessor :cert_expiry
 
-    # Get certificate subject as full rfc4514
+    # Certificate subject as RFC4514 string
     attr_accessor :cert_subject
 
     # Show if this keypair has a private key configured or not
     attr_accessor :private_key_available
 
+    # Key algorithm type detected from the certificate's public key
     attr_accessor :key_type
 
     # Get URL to download certificate

data/lib/authentik/api/models/content_type_enum.rb

@@ -0,0 +1,35 @@
+=begin
+This file is automatically generated by: https://openapi-generator.tech.
+Any manual changes will be lost when the OpenAPI scheme changes.
+
+=end
+
+require 'date'
+require 'time'
+
+module Authentik::Api
+  class ContentTypeEnum
+    AUTHENTIK_CORE_APPLICATION = "authentik_core.application".freeze
+    AUTHENTIK_CORE_GROUP = "authentik_core.group".freeze
+    AUTHENTIK_RBAC_ROLE = "authentik_rbac.role".freeze
+
+    def self.all_vars
+      @all_vars ||= [AUTHENTIK_CORE_APPLICATION, AUTHENTIK_CORE_GROUP, AUTHENTIK_RBAC_ROLE].freeze
+    end
+
+    # Builds the enum from string
+    # @param [String] The enum value in the form of the string
+    # @return [String] The enum value
+    def self.build_from_hash(value)
+      new.build_from_hash(value)
+    end
+
+    # Builds the enum from string
+    # @param [String] The enum value in the form of the string
+    # @return [String] The enum value
+    def build_from_hash(value)
+      return value if ContentTypeEnum.all_vars.include?(value)
+      raise "Invalid ENUM value #{value} for class #ContentTypeEnum"
+    end
+  end
+end

data/lib/authentik/api/models/contextual_flow_info_layout_enum.rb

@@ -14,9 +14,11 @@ module Authentik::Api
     CONTENT_RIGHT = "content_right".freeze
     SIDEBAR_LEFT = "sidebar_left".freeze
     SIDEBAR_RIGHT = "sidebar_right".freeze
+    SIDEBAR_LEFT_FRAME_BACKGROUND = "sidebar_left_frame_background".freeze
+    SIDEBAR_RIGHT_FRAME_BACKGROUND = "sidebar_right_frame_background".freeze
 
     def self.all_vars
-      @all_vars ||= [STACKED, CONTENT_LEFT, CONTENT_RIGHT, SIDEBAR_LEFT, SIDEBAR_RIGHT].freeze
+      @all_vars ||= [STACKED, CONTENT_LEFT, CONTENT_RIGHT, SIDEBAR_LEFT, SIDEBAR_RIGHT, SIDEBAR_LEFT_FRAME_BACKGROUND, SIDEBAR_RIGHT_FRAME_BACKGROUND].freeze
     end
 
     # Builds the enum from string

data/lib/authentik/api/models/current_brand_flags.rb

@@ -9,14 +9,20 @@ require 'time'
 
 module Authentik::Api
   class CurrentBrandFlags < ApiModelBase
+    attr_accessor :enterprise_audit_include_expanded_diff
+
     attr_accessor :policies_buffered_access_view
 
+    attr_accessor :flows_continuous_login
+
     attr_accessor :flows_refresh_others
 
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
+        :'enterprise_audit_include_expanded_diff' => :'enterprise_audit_include_expanded_diff',
         :'policies_buffered_access_view' => :'policies_buffered_access_view',
+        :'flows_continuous_login' => :'flows_continuous_login',
         :'flows_refresh_others' => :'flows_refresh_others'
       }
     end
@@ -34,7 +40,9 @@ module Authentik::Api
     # Attribute type mapping.
     def self.openapi_types
       {
+        :'enterprise_audit_include_expanded_diff' => :'Boolean',
         :'policies_buffered_access_view' => :'Boolean',
+        :'flows_continuous_login' => :'Boolean',
         :'flows_refresh_others' => :'Boolean'
       }
     end
@@ -61,12 +69,24 @@ module Authentik::Api
         h[k.to_sym] = v
       }
 
+      if attributes.key?(:'enterprise_audit_include_expanded_diff')
+        self.enterprise_audit_include_expanded_diff = attributes[:'enterprise_audit_include_expanded_diff']
+      else
+        self.enterprise_audit_include_expanded_diff = nil
+      end
+
       if attributes.key?(:'policies_buffered_access_view')
         self.policies_buffered_access_view = attributes[:'policies_buffered_access_view']
       else
         self.policies_buffered_access_view = nil
       end
 
+      if attributes.key?(:'flows_continuous_login')
+        self.flows_continuous_login = attributes[:'flows_continuous_login']
+      else
+        self.flows_continuous_login = nil
+      end
+
       if attributes.key?(:'flows_refresh_others')
         self.flows_refresh_others = attributes[:'flows_refresh_others']
       else
@@ -79,10 +99,18 @@ module Authentik::Api
     def list_invalid_properties
       warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
       invalid_properties = Array.new
+      if @enterprise_audit_include_expanded_diff.nil?
+        invalid_properties.push('invalid value for "enterprise_audit_include_expanded_diff", enterprise_audit_include_expanded_diff cannot be nil.')
+      end
+
       if @policies_buffered_access_view.nil?
         invalid_properties.push('invalid value for "policies_buffered_access_view", policies_buffered_access_view cannot be nil.')
       end
 
+      if @flows_continuous_login.nil?
+        invalid_properties.push('invalid value for "flows_continuous_login", flows_continuous_login cannot be nil.')
+      end
+
       if @flows_refresh_others.nil?
         invalid_properties.push('invalid value for "flows_refresh_others", flows_refresh_others cannot be nil.')
       end
@@ -94,11 +122,23 @@ module Authentik::Api
     # @return true if the model is valid
     def valid?
       warn '[DEPRECATED] the `valid?` method is obsolete'
+      return false if @enterprise_audit_include_expanded_diff.nil?
       return false if @policies_buffered_access_view.nil?
+      return false if @flows_continuous_login.nil?
       return false if @flows_refresh_others.nil?
       true
     end
 
+    # Custom attribute writer method with validation
+    # @param [Object] enterprise_audit_include_expanded_diff Value to be assigned
+    def enterprise_audit_include_expanded_diff=(enterprise_audit_include_expanded_diff)
+      if enterprise_audit_include_expanded_diff.nil?
+        fail ArgumentError, 'enterprise_audit_include_expanded_diff cannot be nil'
+      end
+
+      @enterprise_audit_include_expanded_diff = enterprise_audit_include_expanded_diff
+    end
+
     # Custom attribute writer method with validation
     # @param [Object] policies_buffered_access_view Value to be assigned
     def policies_buffered_access_view=(policies_buffered_access_view)
@@ -109,6 +149,16 @@ module Authentik::Api
       @policies_buffered_access_view = policies_buffered_access_view
     end
 
+    # Custom attribute writer method with validation
+    # @param [Object] flows_continuous_login Value to be assigned
+    def flows_continuous_login=(flows_continuous_login)
+      if flows_continuous_login.nil?
+        fail ArgumentError, 'flows_continuous_login cannot be nil'
+      end
+
+      @flows_continuous_login = flows_continuous_login
+    end
+
     # Custom attribute writer method with validation
     # @param [Object] flows_refresh_others Value to be assigned
     def flows_refresh_others=(flows_refresh_others)
@@ -124,7 +174,9 @@ module Authentik::Api
     def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
+          enterprise_audit_include_expanded_diff == o.enterprise_audit_include_expanded_diff &&
           policies_buffered_access_view == o.policies_buffered_access_view &&
+          flows_continuous_login == o.flows_continuous_login &&
           flows_refresh_others == o.flows_refresh_others
     end
 
@@ -137,7 +189,7 @@ module Authentik::Api
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [policies_buffered_access_view, flows_refresh_others].hash
+      [enterprise_audit_include_expanded_diff, policies_buffered_access_view, flows_continuous_login, flows_refresh_others].hash
     end
 
     # Builds the object from hash

data/lib/authentik/api/models/device_access_group.rb

@@ -13,11 +13,14 @@ module Authentik::Api
 
     attr_accessor :name
 
+    attr_accessor :attributes
+
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
         :'pbm_uuid' => :'pbm_uuid',
-        :'name' => :'name'
+        :'name' => :'name',
+        :'attributes' => :'attributes'
       }
     end
 
@@ -35,7 +38,8 @@ module Authentik::Api
     def self.openapi_types
       {
         :'pbm_uuid' => :'String',
-        :'name' => :'String'
+        :'name' => :'String',
+        :'attributes' => :'Hash<String, Object>'
       }
     end
 
@@ -72,6 +76,12 @@ module Authentik::Api
       else
         self.name = nil
       end
+
+      if attributes.key?(:'attributes')
+        if (value = attributes[:'attributes']).is_a?(Hash)
+          self.attributes = value
+        end
+      end
     end
 
     # Show invalid properties with the reasons. Usually used together with valid?
@@ -125,7 +135,8 @@ module Authentik::Api
       return true if self.equal?(o)
       self.class == o.class &&
           pbm_uuid == o.pbm_uuid &&
-          name == o.name
+          name == o.name &&
+          attributes == o.attributes
     end
 
     # @see the `==` method
@@ -137,7 +148,7 @@ module Authentik::Api
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [pbm_uuid, name].hash
+      [pbm_uuid, name, attributes].hash
     end
 
     # Builds the object from hash

data/lib/authentik/api/models/device_access_group_request.rb

@@ -11,10 +11,13 @@ module Authentik::Api
   class DeviceAccessGroupRequest < ApiModelBase
     attr_accessor :name
 
+    attr_accessor :attributes
+
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
-        :'name' => :'name'
+        :'name' => :'name',
+        :'attributes' => :'attributes'
       }
     end
 
@@ -31,7 +34,8 @@ module Authentik::Api
     # Attribute type mapping.
     def self.openapi_types
       {
-        :'name' => :'String'
+        :'name' => :'String',
+        :'attributes' => :'Hash<String, Object>'
       }
     end
 
@@ -62,6 +66,12 @@ module Authentik::Api
       else
         self.name = nil
       end
+
+      if attributes.key?(:'attributes')
+        if (value = attributes[:'attributes']).is_a?(Hash)
+          self.attributes = value
+        end
+      end
     end
 
     # Show invalid properties with the reasons. Usually used together with valid?
@@ -108,7 +118,8 @@ module Authentik::Api
     def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
-          name == o.name
+          name == o.name &&
+          attributes == o.attributes
     end
 
     # @see the `==` method
@@ -120,7 +131,7 @@ module Authentik::Api
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [name].hash
+      [name, attributes].hash
     end
 
     # Builds the object from hash