fusionauth_client 1.61.0 → 1.63.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 58e317fccbd8e1d274a59b80f7f1fc3718687bdf07596a65b13e023d95afd128
-  data.tar.gz: 1d86814be6744576d95c37204e5422b7b3323eb42595fc8971004ec70d912f3d
+  metadata.gz: a00315e90f98c3c9f7e999642cf40a2cd7f145d01bdbc93f1873ee5f72be6277
+  data.tar.gz: a71f19cbd3bfe127ea09608a15ac7ba1a265145d72be831b2f6dcd5f6a36a6e0
 SHA512:
-  metadata.gz: a314f61c7f1483f59e9f5355e83b29ab246ab8e37663dd8643540f007fc5a9d823393ac0daeec562bc9710e9733e12005ad9eb9a864439d773bbf1b3ad30d195
-  data.tar.gz: fa0bd3953165d6b8da5829ccb6efac9299e776bf96bfc3fb0a52bdf19bba72c6a5897b12f554297013bc3d11f557f1321a7562ec258a26ce42ffa5383b0c9fe6
+  metadata.gz: c28c51b421c16e5a686e06f68ad92726e5ccf9affc3ab37805bc511f533a1cbcaf36f3f8fca8f32cf28a1b988e175d92f19c3cf761723b41c079fd91c7cfddb0
+  data.tar.gz: e94ec3411fbe056acc2074d74c48c53dccb971cc54656924e70bc4b6f83fcbfd058d614c074cf2e07db24aefaeb9cd07e75ac041298eadc087a6d5d2c483f6e8

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    fusionauth_client (1.61.0)
+    fusionauth_client (1.63.0)
 
 GEM
   remote: https://rubygems.org/

data/build.savant

@@ -15,7 +15,7 @@
  */
 
 pubVersion = ""
-project(group: "io.fusionauth", name: "fusionauth-ruby-client", version: "1.61.0", licenses: ["ApacheV2_0"]) {
+project(group: "io.fusionauth", name: "fusionauth-ruby-client", version: "1.63.0", licenses: ["ApacheV2_0"]) {
   workflow {
     fetch {
       cache()

data/fusionauth-ruby-client.iml

@@ -9,7 +9,19 @@
     <orderEntry type="jdk" jdkName="rbenv: 3.4.2" jdkType="RUBY_SDK" />
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="library" scope="PROVIDED" name="bundler (v2.6.2, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="cgi (v0.4.2, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="date (v3.4.1, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="erb (v2.2.3, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="extralite-bundle (v1.27, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="minitest (v5.25.5, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="nokogiri (v1.18.6, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="psych (v5.2.3, rbenv: 3.4.2) [gem]" level="application" />
     <orderEntry type="library" scope="PROVIDED" name="racc (v1.8.1, rbenv: 3.4.2) [gem]" level="application" />
     <orderEntry type="library" scope="PROVIDED" name="rake (v13.2.1, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rdoc (v6.13.0, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rdoc-markdown (v0.4.2, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="reverse_markdown (v2.1.1, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="stringio (v3.1.6, rbenv: 3.4.2) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="unindent (v1.0, rbenv: 3.4.2) [gem]" level="application" />
   </component>
-</module>
+</module>

data/fusionauth_client.gemspec

@@ -19,7 +19,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 Gem::Specification.new do |spec|
   spec.name = 'fusionauth_client'
-  spec.version = '1.61.0'
+  spec.version = '1.63.0'
   spec.authors = ['Brian Pontarelli', 'Daniel DeGroff']
   spec.email = %w(brian@fusionauth.io daniel@fusionauth.io)
 

data/lib/fusionauth/fusionauth_client.rb

@@ -2,7 +2,7 @@ require 'ostruct'
 require 'fusionauth/rest_client'
 
 #
-# Copyright (c) 2018-2025, FusionAuth, All Rights Reserved
+# Copyright (c) 2018-2026, FusionAuth, All Rights Reserved
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -90,14 +90,33 @@ module FusionAuth
     # @param user_code [string] The end-user verification code.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def approve_device(client_id, client_secret, token, user_code)
-      body = {
+      form_parameters = {
         "client_id" => client_id,
         "client_secret" => client_secret,
         "token" => token,
-        "user_code" => user_code
+        "user_code" => user_code,
       }
       start.uri('/oauth2/device/approve')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Approve a device grant.
+    #
+    # @param request [OpenStruct, Hash] The request object containing the device approval information and optional tenantId.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def approve_device_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "client_secret" => request.client_secret,
+        "tenantId" => (request.tenantId.to_s unless request.tenantId.nil?),
+        "token" => request.token,
+        "user_code" => request.user_code,
+      }
+      start.uri('/oauth2/device/approve')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .post
           .go
     end
@@ -199,6 +218,24 @@ module FusionAuth
           .go
     end
 
+    #
+    # Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
+    # When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
+    # your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
+    # 
+    # An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
+    #
+    # @param change_password_id [string] The change password Id used to find the user. This value is generated by FusionAuth once the change password workflow has been initiated.
+    # @param ip_address [string] (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def check_change_password_using_id_and_ip_address(change_password_id, ip_address)
+      startAnonymous.uri('/api/user/change-password')
+          .url_segment(change_password_id)
+          .url_parameter('ipAddress', ip_address)
+          .get
+          .go
+    end
+
     #
     # Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
     # When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
@@ -215,6 +252,24 @@ module FusionAuth
           .go
     end
 
+    #
+    # Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
+    # When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
+    # your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
+    # 
+    # An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
+    #
+    # @param encoded_jwt [string] The encoded JWT (access token).
+    # @param ip_address [string] (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def check_change_password_using_jwt_and_ip_address(encoded_jwt, ip_address)
+      startAnonymous.uri('/api/user/change-password')
+          .authorization('Bearer ' + encoded_jwt)
+          .url_parameter('ipAddress', ip_address)
+          .get
+          .go
+    end
+
     #
     # Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
     # When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
@@ -231,6 +286,24 @@ module FusionAuth
           .go
     end
 
+    #
+    # Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
+    # When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
+    # your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication.
+    # 
+    # An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
+    #
+    # @param login_id [string] The loginId (email or username) of the User that you intend to change the password for.
+    # @param ip_address [string] (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def check_change_password_using_login_id_and_ip_address(login_id, ip_address)
+      start.uri('/api/user/change-password')
+          .url_parameter('loginId', login_id)
+          .url_parameter('ipAddress', ip_address)
+          .get
+          .go
+    end
+
     #
     # Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
     # When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
@@ -249,6 +322,26 @@ module FusionAuth
           .go
     end
 
+    #
+    # Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
+    # When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
+    # your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication.
+    # 
+    # An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
+    #
+    # @param login_id [string] The loginId of the User that you intend to change the password for.
+    # @param login_id_types [Array] The identity types that FusionAuth will compare the loginId to.
+    # @param ip_address [string] (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def check_change_password_using_login_id_and_login_id_types_and_ip_address(login_id, login_id_types, ip_address)
+      start.uri('/api/user/change-password')
+          .url_parameter('loginId', login_id)
+          .url_parameter('loginIdTypes', login_id_types)
+          .url_parameter('ipAddress', ip_address)
+          .get
+          .go
+    end
+
     #
     # Make a Client Credentials grant request to obtain an access token.
     #
@@ -259,14 +352,33 @@ module FusionAuth
     # @param scope [string] (Optional) This parameter is used to indicate which target entity you are requesting access. To request access to an entity, use the format target-entity:<target-entity-id>:<roles>. Roles are an optional comma separated list.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def client_credentials_grant(client_id, client_secret, scope)
-      body = {
+      form_parameters = {
         "client_id" => client_id,
         "client_secret" => client_secret,
-        "grant_type" => "client_credentials",
-        "scope" => scope
+        "grant_type" => 'client_credentials',
+        "scope" => scope,
+      }
+      startAnonymous.uri('/oauth2/token')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Make a Client Credentials grant request to obtain an access token.
+    #
+    # @param request [OpenStruct, Hash] The client credentials grant request containing client authentication, scope and optional tenantId.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def client_credentials_grant_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "client_secret" => request.client_secret,
+        "grant_type" => request.grant_type,
+        "scope" => request.scope,
+        "tenantId" => request.tenantId,
       }
       startAnonymous.uri('/oauth2/token')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .post
           .go
     end
@@ -1300,6 +1412,18 @@ module FusionAuth
           .go
     end
 
+    #
+    # Deletes all of the WebAuthn credentials for the given User Id.
+    #
+    # @param user_id [string] The unique Id of the User to delete WebAuthn passkeys for.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def delete_web_authn_credentials_for_user(user_id)
+      start.uri('/api/webauthn')
+          .url_parameter('userId', user_id)
+          .delete
+          .go
+    end
+
     #
     # Deletes the webhook for the given Id.
     #
@@ -1312,6 +1436,43 @@ module FusionAuth
           .go
     end
 
+    #
+    # Start the Device Authorization flow using form-encoded parameters
+    #
+    # @param client_id [string] The unique client identifier. The client Id is the Id of the FusionAuth Application in which you are attempting to authenticate.
+    # @param client_secret [string] (Optional) The client secret. This value may optionally be provided in the request body instead of the Authorization header.
+    # @param scope [string] (Optional) A space-delimited string of the requested scopes. Defaults to all scopes configured in the Application's OAuth configuration.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def device_authorize(client_id, client_secret, scope)
+      form_parameters = {
+        "client_id" => client_id,
+        "client_secret" => client_secret,
+        "scope" => scope,
+      }
+      startAnonymous.uri('/oauth2/device_authorize')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Start the Device Authorization flow using a request body
+    #
+    # @param request [OpenStruct, Hash] The device authorization request containing client authentication, scope, and optional device metadata.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def device_authorize_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "client_secret" => request.client_secret,
+        "scope" => request.scope,
+        "tenantId" => (request.tenantId.to_s unless request.tenantId.nil?),
+      }
+      startAnonymous.uri('/oauth2/device_authorize')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
     #
     # Disable two-factor authentication for a user.
     #
@@ -1367,15 +1528,15 @@ module FusionAuth
     # @param redirect_uri [string] The URI to redirect to upon a successful request.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def exchange_o_auth_code_for_access_token(code, client_id, client_secret, redirect_uri)
-      body = {
+      form_parameters = {
         "code" => code,
         "client_id" => client_id,
         "client_secret" => client_secret,
-        "grant_type" => "authorization_code",
-        "redirect_uri" => redirect_uri
+        "grant_type" => 'authorization_code',
+        "redirect_uri" => redirect_uri,
       }
       startAnonymous.uri('/oauth2/token')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .post
           .go
     end
@@ -1392,16 +1553,59 @@ module FusionAuth
     # @param code_verifier [string] The random string generated previously. Will be compared with the code_challenge sent previously, which allows the OAuth provider to authenticate your app.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def exchange_o_auth_code_for_access_token_using_pkce(code, client_id, client_secret, redirect_uri, code_verifier)
-      body = {
+      form_parameters = {
         "code" => code,
         "client_id" => client_id,
         "client_secret" => client_secret,
-        "grant_type" => "authorization_code",
+        "grant_type" => 'authorization_code',
         "redirect_uri" => redirect_uri,
-        "code_verifier" => code_verifier
+        "code_verifier" => code_verifier,
+      }
+      startAnonymous.uri('/oauth2/token')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Exchanges an OAuth authorization code and code_verifier for an access token.
+    # Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint and a code_verifier for an access token.
+    #
+    # @param request [OpenStruct, Hash] The PKCE OAuth code access token exchange request.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def exchange_o_auth_code_for_access_token_using_pkce_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "client_secret" => request.client_secret,
+        "code" => request.code,
+        "code_verifier" => request.code_verifier,
+        "grant_type" => request.grant_type,
+        "redirect_uri" => request.redirect_uri,
+        "tenantId" => (request.tenantId.to_s unless request.tenantId.nil?),
+      }
+      startAnonymous.uri('/oauth2/token')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Exchanges an OAuth authorization code for an access token.
+    # Makes a request to the Token endpoint to exchange the authorization code returned from the Authorize endpoint for an access token.
+    #
+    # @param request [OpenStruct, Hash] The OAuth code access token exchange request.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def exchange_o_auth_code_for_access_token_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "client_secret" => request.client_secret,
+        "code" => request.code,
+        "grant_type" => request.grant_type,
+        "redirect_uri" => request.redirect_uri,
+        "tenantId" => request.tenantId,
       }
       startAnonymous.uri('/oauth2/token')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .post
           .go
     end
@@ -1418,16 +1622,38 @@ module FusionAuth
     # @param user_code [string] (Optional) The end-user verification code. This code is required if using this endpoint to approve the Device Authorization.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def exchange_refresh_token_for_access_token(refresh_token, client_id, client_secret, scope, user_code)
-      body = {
+      form_parameters = {
         "refresh_token" => refresh_token,
         "client_id" => client_id,
         "client_secret" => client_secret,
-        "grant_type" => "refresh_token",
+        "grant_type" => 'refresh_token',
         "scope" => scope,
-        "user_code" => user_code
+        "user_code" => user_code,
+      }
+      startAnonymous.uri('/oauth2/token')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Exchange a Refresh Token for an Access Token.
+    # If you will be using the Refresh Token Grant, you will make a request to the Token endpoint to exchange the user’s refresh token for an access token.
+    #
+    # @param request [OpenStruct, Hash] The refresh token access token exchange request.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def exchange_refresh_token_for_access_token_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "client_secret" => request.client_secret,
+        "grant_type" => request.grant_type,
+        "refresh_token" => request.refresh_token,
+        "scope" => request.scope,
+        "tenantId" => (request.tenantId.to_s unless request.tenantId.nil?),
+        "user_code" => request.user_code,
       }
       startAnonymous.uri('/oauth2/token')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .post
           .go
     end
@@ -1457,17 +1683,40 @@ module FusionAuth
     # @param user_code [string] (Optional) The end-user verification code. This code is required if using this endpoint to approve the Device Authorization.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def exchange_user_credentials_for_access_token(username, password, client_id, client_secret, scope, user_code)
-      body = {
+      form_parameters = {
         "username" => username,
         "password" => password,
         "client_id" => client_id,
         "client_secret" => client_secret,
-        "grant_type" => "password",
+        "grant_type" => 'password',
         "scope" => scope,
-        "user_code" => user_code
+        "user_code" => user_code,
+      }
+      startAnonymous.uri('/oauth2/token')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Exchange User Credentials for a Token.
+    # If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endpoint to exchange the user’s email and password for an access token.
+    #
+    # @param request [OpenStruct, Hash] The user credentials access token exchange request.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def exchange_user_credentials_for_access_token_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "client_secret" => request.client_secret,
+        "grant_type" => request.grant_type,
+        "password" => request.password,
+        "scope" => request.scope,
+        "tenantId" => request.tenantId,
+        "user_code" => request.user_code,
+        "username" => request.username,
       }
       startAnonymous.uri('/oauth2/token')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .post
           .go
     end
@@ -1651,12 +1900,29 @@ module FusionAuth
     # @param token [string] The access token returned by this OAuth provider as the result of a successful client credentials grant.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def introspect_access_token(client_id, token)
-      body = {
+      form_parameters = {
         "client_id" => client_id,
-        "token" => token
+        "token" => token,
       }
       startAnonymous.uri('/oauth2/introspect')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Inspect an access token issued as the result of the User based grant such as the Authorization Code Grant, Implicit Grant, the User Credentials Grant or the Refresh Grant.
+    #
+    # @param request [OpenStruct, Hash] The access token introspection request.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def introspect_access_token_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "tenantId" => request.tenantId,
+        "token" => request.token,
+      }
+      startAnonymous.uri('/oauth2/introspect')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .post
           .go
     end
@@ -1667,11 +1933,27 @@ module FusionAuth
     # @param token [string] The access token returned by this OAuth provider as the result of a successful client credentials grant.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def introspect_client_credentials_access_token(token)
-      body = {
-        "token" => token
+      form_parameters = {
+        "token" => token,
       }
       startAnonymous.uri('/oauth2/introspect')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Inspect an access token issued as the result of the Client Credentials Grant.
+    #
+    # @param request [OpenStruct, Hash] The client credentials access token.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def introspect_client_credentials_access_token_with_request(request)
+      form_parameters = {
+        "tenantId" => request.tenantId,
+        "token" => request.token,
+      }
+      startAnonymous.uri('/oauth2/introspect')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .post
           .go
     end
@@ -1779,7 +2061,7 @@ module FusionAuth
     end
 
     #
-    # Retrieves the identity provider for the given domain. A 200 response code indicates the domain is managed
+    # Retrieves any global identity providers for the given domain. A 200 response code indicates the domain is managed
     # by a registered identity provider. A 404 indicates the domain is not managed.
     #
     # @param domain [string] The domain or email address to lookup.
@@ -1791,6 +2073,22 @@ module FusionAuth
           .go
     end
 
+    #
+    # Retrieves the identity provider for the given domain and tenantId. A 200 response code indicates the domain is managed
+    # by a registered identity provider. A 404 indicates the domain is not managed.
+    #
+    # @param domain [string] The domain or email address to lookup.
+    # @param tenant_id [string] If provided, the API searches for an identity provider scoped to the corresponding tenant that manages the requested domain.
+    #     If no result is found, the API then searches for global identity providers.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def lookup_identity_provider_by_tenant_id(domain, tenant_id)
+      start.uri('/api/identity-provider/lookup')
+          .url_parameter('domain', domain)
+          .url_parameter('tenantId', tenant_id)
+          .get
+          .go
+    end
+
     #
     # Modifies a temporal user action by changing the expiration of the action and optionally adding a comment to the
     # action.
@@ -3309,6 +3607,18 @@ module FusionAuth
           .go
     end
 
+    #
+    # Retrieves the totals report. This allows excluding applicationTotals from the report. An empty list will include the applicationTotals.
+    #
+    # @param excludes [Array] List of fields to exclude in the response. Currently only allows applicationTotals.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def retrieve_total_report_with_excludes(excludes)
+      start.uri('/api/report/totals')
+          .url_parameter('excludes', excludes)
+          .get
+          .go
+    end
+
     #
     # Retrieve two-factor recovery codes for a user.
     #
@@ -3340,6 +3650,22 @@ module FusionAuth
           .go
     end
 
+    #
+    # Retrieve a user's two-factor status.
+    # 
+    # This can be used to see if a user will need to complete a two-factor challenge to complete a login,
+    # and optionally identify the state of the two-factor trust across various applications. This operation
+    # provides more payload options than retrieveTwoFactorStatus.
+    #
+    # @param request [OpenStruct, Hash] The request object that contains all the information used to check the status.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def retrieve_two_factor_status_with_request(request)
+      start.uri('/api/two-factor/status')
+          .body_handler(FusionAuth::JSONBodyHandler.new(request))
+          .post
+          .go
+    end
+
     #
     # Retrieves the user for the given Id.
     #
@@ -3484,13 +3810,13 @@ module FusionAuth
     # @param user_code [string] The end-user verification code.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def retrieve_user_code(client_id, client_secret, user_code)
-      body = {
+      form_parameters = {
         "client_id" => client_id,
         "client_secret" => client_secret,
-        "user_code" => user_code
+        "user_code" => user_code,
       }
       startAnonymous.uri('/oauth2/device/user-code')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .get
           .go
     end
@@ -3505,15 +3831,55 @@ module FusionAuth
     # @param user_code [string] The end-user verification code.
     # @return [FusionAuth::ClientResponse] The ClientResponse object.
     def retrieve_user_code_using_api_key(user_code)
-      body = {
-        "user_code" => user_code
+      form_parameters = {
+        "user_code" => user_code,
       }
       startAnonymous.uri('/oauth2/device/user-code')
-          .body_handler(FusionAuth::FormDataBodyHandler.new(body))
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
           .get
           .go
     end
 
+    #
+    # Retrieve a user_code that is part of an in-progress Device Authorization Grant.
+    # 
+    # This API is useful if you want to build your own login workflow to complete a device grant.
+    # 
+    # This request will require an API key.
+    #
+    # @param request [OpenStruct, Hash] The user code retrieval request including optional tenantId.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def retrieve_user_code_using_api_key_with_request(request)
+      form_parameters = {
+        "tenantId" => (request.tenantId.to_s unless request.tenantId.nil?),
+        "user_code" => request.user_code,
+      }
+      startAnonymous.uri('/oauth2/device/user-code')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
+    #
+    # Retrieve a user_code that is part of an in-progress Device Authorization Grant.
+    # 
+    # This API is useful if you want to build your own login workflow to complete a device grant.
+    #
+    # @param request [OpenStruct, Hash] The user code retrieval request.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def retrieve_user_code_with_request(request)
+      form_parameters = {
+        "client_id" => request.client_id,
+        "client_secret" => request.client_secret,
+        "tenantId" => (request.tenantId.to_s unless request.tenantId.nil?),
+        "user_code" => request.user_code,
+      }
+      startAnonymous.uri('/oauth2/device/user-code')
+          .body_handler(FusionAuth::FormDataBodyHandler.new(form_parameters))
+          .post
+          .go
+    end
+
     #
     # Retrieves all the comments for the user with the given Id.
     #
@@ -3667,18 +4033,6 @@ module FusionAuth
           .go
     end
 
-    #
-    # Retrieves the user for the given Id. This method does not use an API key, instead it uses a JSON Web Token (JWT) for authentication.
-    #
-    # @param encoded_jwt [string] The encoded JWT (access token).
-    # @return [FusionAuth::ClientResponse] The ClientResponse object.
-    def retrieve_user_using_jwt(encoded_jwt)
-      startAnonymous.uri('/api/user')
-          .authorization('Bearer ' + encoded_jwt)
-          .get
-          .go
-    end
-
     #
     # Retrieves the FusionAuth version string.
     #
@@ -4851,6 +5205,21 @@ module FusionAuth
           .go
     end
 
+    #
+    # Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant.
+    # If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant.
+    #
+    # @param request [OpenStruct, Hash] The device validation request.
+    # @return [FusionAuth::ClientResponse] The ClientResponse object.
+    def validate_device_with_request(request)
+      startAnonymous.uri('/oauth2/device/validate')
+          .url_parameter('client_id', request.client_id)
+          .url_parameter('tenantId', request.tenantId.nil? ? nil : request.tenantId.to_s)
+          .url_parameter('user_code', request.user_code)
+          .get
+          .go
+    end
+
     #
     # Validates the provided JWT (encoded JWT string) to ensure the token is valid. A valid access token is properly
     # signed and not expired.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fusionauth_client
 version: !ruby/object:Gem::Version
-  version: 1.61.0
+  version: 1.63.0
 platform: ruby
 authors:
 - Brian Pontarelli
 - Daniel DeGroff
 bindir: exe
 cert_chain: []
-date: 2025-11-13 00:00:00.000000000 Z
+date: 2026-02-26 00:00:00.000000000 Z
 dependencies: []
 description: This library contains the Ruby client library that helps you connect
   your application to FusionAuth.