RubyGems - ory-client - Versions diffs - 0.1.0.alpha12 → 0.2.0.alpha14 - Mend

ory-client 0.1.0.alpha12 → 0.2.0.alpha14

Files changed (505) hide show

data/docs/OAuth2Client.md ADDED Viewed

@@ -0,0 +1,110 @@
+# OryClient::OAuth2Client
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **allowed_cors_origins** | **Array&lt;String&gt;** |  | [optional] |
+| **audience** | **Array&lt;String&gt;** |  | [optional] |
+| **authorization_code_grant_access_token_lifespan** | **String** |  | [optional] |
+| **authorization_code_grant_id_token_lifespan** | **String** |  | [optional] |
+| **authorization_code_grant_refresh_token_lifespan** | **String** |  | [optional] |
+| **backchannel_logout_session_required** | **Boolean** | Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout Token to identify the RP session with the OP when the backchannel_logout_uri is used. If omitted, the default value is false. | [optional] |
+| **backchannel_logout_uri** | **String** | RP URL that will cause the RP to log itself out when sent a Logout Token by the OP. | [optional] |
+| **client_credentials_grant_access_token_lifespan** | **String** |  | [optional] |
+| **client_id** | **String** | ID is the id for this client.  The ID is autogenerated and immutable. | [optional] |
+| **client_name** | **String** | Name is the human-readable string name of the client to be presented to the end-user during authorization. | [optional] |
+| **client_secret** | **String** | Secret is the client&#39;s secret. The secret will be included in the create request as cleartext, and then never again. The secret is stored using BCrypt so it is impossible to recover it. Tell your users that they need to write the secret down as it will not be made available again. | [optional] |
+| **client_secret_expires_at** | **Integer** | SecretExpiresAt is an integer holding the time at which the client secret will expire or 0 if it will not expire. The time is represented as the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time of expiration.  This feature is currently not supported and it&#39;s value will always be set to 0. | [optional] |
+| **client_uri** | **String** | ClientURI is an URL string of a web page providing information about the client. If present, the server SHOULD display this URL to the end-user in a clickable fashion. | [optional] |
+| **contacts** | **Array&lt;String&gt;** |  | [optional] |
+| **created_at** | **Time** | CreatedAt returns the timestamp of the client&#39;s creation. | [optional] |
+| **frontchannel_logout_session_required** | **Boolean** | Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query parameters be included to identify the RP session with the OP when the frontchannel_logout_uri is used. If omitted, the default value is false. | [optional] |
+| **frontchannel_logout_uri** | **String** | RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. An iss (issuer) query parameter and a sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the request and to determine which of the potentially multiple sessions is to be logged out; if either is included, both MUST be. | [optional] |
+| **grant_types** | **Array&lt;String&gt;** |  | [optional] |
+| **implicit_grant_access_token_lifespan** | **String** |  | [optional] |
+| **implicit_grant_id_token_lifespan** | **String** |  | [optional] |
+| **jwks** | **Object** |  | [optional] |
+| **jwks_uri** | **String** | URL for the Client&#39;s JSON Web Key Set [JWK] document. If the Client signs requests to the Server, it contains the signing key(s) the Server uses to validate signatures from the Client. The JWK Set MAY also contain the Client&#39;s encryption keys(s), which are used by the Server to encrypt responses to the Client. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key&#39;s intended usage. Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. | [optional] |
+| **jwt_bearer_grant_access_token_lifespan** | **String** |  | [optional] |
+| **logo_uri** | **String** | LogoURI is an URL string that references a logo for the client. | [optional] |
+| **metadata** | **Object** |  | [optional] |
+| **owner** | **String** | Owner is a string identifying the owner of the OAuth 2.0 Client. | [optional] |
+| **password_grant_access_token_lifespan** | **String** |  | [optional] |
+| **password_grant_refresh_token_lifespan** | **String** |  | [optional] |
+| **policy_uri** | **String** | PolicyURI is a URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data. | [optional] |
+| **post_logout_redirect_uris** | **Array&lt;String&gt;** |  | [optional] |
+| **redirect_uris** | **Array&lt;String&gt;** |  | [optional] |
+| **refresh_token_grant_access_token_lifespan** | **String** |  | [optional] |
+| **refresh_token_grant_id_token_lifespan** | **String** |  | [optional] |
+| **refresh_token_grant_refresh_token_lifespan** | **String** |  | [optional] |
+| **registration_access_token** | **String** | RegistrationAccessToken can be used to update, get, or delete the OAuth2 Client. | [optional] |
+| **registration_client_uri** | **String** | RegistrationClientURI is the URL used to update, get, or delete the OAuth2 Client. | [optional] |
+| **request_object_signing_alg** | **String** | JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. All Request Objects from this Client MUST be rejected, if not signed with this algorithm. | [optional] |
+| **request_uris** | **Array&lt;String&gt;** |  | [optional] |
+| **response_types** | **Array&lt;String&gt;** |  | [optional] |
+| **scope** | **String** | Scope is a string containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens. | [optional] |
+| **sector_identifier_uri** | **String** | URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values. | [optional] |
+| **subject_type** | **String** | SubjectType requested for responses to this Client. The subject_types_supported Discovery parameter contains a list of the supported subject_type values for this server. Valid types include &#x60;pairwise&#x60; and &#x60;public&#x60;. | [optional] |
+| **token_endpoint_auth_method** | **String** | Requested Client Authentication method for the Token Endpoint. The options are client_secret_post, client_secret_basic, private_key_jwt, and none. | [optional] |
+| **token_endpoint_auth_signing_alg** | **String** | Requested Client Authentication signing algorithm for the Token Endpoint. | [optional] |
+| **tos_uri** | **String** | TermsOfServiceURI is a URL string that points to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client. | [optional] |
+| **updated_at** | **Time** | UpdatedAt returns the timestamp of the last update. | [optional] |
+| **userinfo_signed_response_alg** | **String** | JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. If this is specified, the response will be JWT [JWT] serialized, and signed using JWS. The default, if omitted, is for the UserInfo Response to return the Claims as a UTF-8 encoded JSON object using the application/json content-type. | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OAuth2Client.new(
+  allowed_cors_origins: null,
+  audience: null,
+  authorization_code_grant_access_token_lifespan: null,
+  authorization_code_grant_id_token_lifespan: null,
+  authorization_code_grant_refresh_token_lifespan: null,
+  backchannel_logout_session_required: null,
+  backchannel_logout_uri: null,
+  client_credentials_grant_access_token_lifespan: null,
+  client_id: null,
+  client_name: null,
+  client_secret: null,
+  client_secret_expires_at: null,
+  client_uri: null,
+  contacts: null,
+  created_at: null,
+  frontchannel_logout_session_required: null,
+  frontchannel_logout_uri: null,
+  grant_types: null,
+  implicit_grant_access_token_lifespan: null,
+  implicit_grant_id_token_lifespan: null,
+  jwks: null,
+  jwks_uri: null,
+  jwt_bearer_grant_access_token_lifespan: null,
+  logo_uri: null,
+  metadata: null,
+  owner: null,
+  password_grant_access_token_lifespan: null,
+  password_grant_refresh_token_lifespan: null,
+  policy_uri: null,
+  post_logout_redirect_uris: null,
+  redirect_uris: null,
+  refresh_token_grant_access_token_lifespan: null,
+  refresh_token_grant_id_token_lifespan: null,
+  refresh_token_grant_refresh_token_lifespan: null,
+  registration_access_token: null,
+  registration_client_uri: null,
+  request_object_signing_alg: null,
+  request_uris: null,
+  response_types: null,
+  scope: scope1 scope-2 scope.3 scope:4,
+  sector_identifier_uri: null,
+  subject_type: null,
+  token_endpoint_auth_method: null,
+  token_endpoint_auth_signing_alg: null,
+  tos_uri: null,
+  updated_at: null,
+  userinfo_signed_response_alg: null
+)
+```

data/docs/OAuth2ConsentRequest.md ADDED Viewed

@@ -0,0 +1,42 @@
+# OryClient::OAuth2ConsentRequest
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **acr** | **String** | ACR represents the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it to express that, for example, a user authenticated using two factor authentication. | [optional] |
+| **amr** | **Array&lt;String&gt;** |  | [optional] |
+| **challenge** | **String** | ID is the identifier (\&quot;authorization challenge\&quot;) of the consent authorization request. It is used to identify the session. |  |
+| **client** | [**OAuth2Client**](OAuth2Client.md) |  | [optional] |
+| **context** | **Object** |  | [optional] |
+| **login_challenge** | **String** | LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate a login and consent request in the login &amp; consent app. | [optional] |
+| **login_session_id** | **String** | LoginSessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) this will be a new random value. This value is used as the \&quot;sid\&quot; parameter in the ID Token and in OIDC Front-/Back- channel logout. It&#39;s value can generally be used to associate consecutive login requests by a certain user. | [optional] |
+| **oidc_context** | [**OAuth2ConsentRequestOpenIDConnectContext**](OAuth2ConsentRequestOpenIDConnectContext.md) |  | [optional] |
+| **request_url** | **String** | RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but might come in handy if you want to deal with additional request parameters. | [optional] |
+| **requested_access_token_audience** | **Array&lt;String&gt;** |  | [optional] |
+| **requested_scope** | **Array&lt;String&gt;** |  | [optional] |
+| **skip** | **Boolean** | Skip, if true, implies that the client has requested the same scopes from the same user previously. If true, you must not ask the user to grant the requested scopes. You must however either allow or deny the consent request using the usual API call. | [optional] |
+| **subject** | **String** | Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope requested by the OAuth 2.0 client. | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OAuth2ConsentRequest.new(
+  acr: null,
+  amr: null,
+  challenge: null,
+  client: null,
+  context: null,
+  login_challenge: null,
+  login_session_id: null,
+  oidc_context: null,
+  request_url: null,
+  requested_access_token_audience: null,
+  requested_scope: null,
+  skip: null,
+  subject: null
+)
+```

data/docs/OAuth2ConsentRequestOpenIDConnectContext.md ADDED Viewed

@@ -0,0 +1,26 @@
+# OryClient::OAuth2ConsentRequestOpenIDConnectContext
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **acr_values** | **Array&lt;String&gt;** | ACRValues is the Authentication AuthorizationContext Class Reference requested in the OAuth 2.0 Authorization request. It is a parameter defined by OpenID Connect and expresses which level of authentication (e.g. 2FA) is required.  OpenID Connect defines it as follows: &gt; Requested Authentication AuthorizationContext Class Reference values. Space-separated string that specifies the acr values that the Authorization Server is being requested to use for processing this Authentication Request, with the values appearing in order of preference. The Authentication AuthorizationContext Class satisfied by the authentication performed is returned as the acr Claim Value, as specified in Section 2. The acr Claim is requested as a Voluntary Claim by this parameter. | [optional] |
+| **display** | **String** | Display is a string value that specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. The defined values are: page: The Authorization Server SHOULD display the authentication and consent UI consistent with a full User Agent page view. If the display parameter is not specified, this is the default display mode. popup: The Authorization Server SHOULD display the authentication and consent UI consistent with a popup User Agent window. The popup User Agent window should be of an appropriate size for a login-focused dialog and should not obscure the entire window that it is popping up over. touch: The Authorization Server SHOULD display the authentication and consent UI consistent with a device that leverages a touch interface. wap: The Authorization Server SHOULD display the authentication and consent UI consistent with a \&quot;feature phone\&quot; type display.  The Authorization Server MAY also attempt to detect the capabilities of the User Agent and present an appropriate display. | [optional] |
+| **id_token_hint_claims** | **Hash&lt;String, Object&gt;** | IDTokenHintClaims are the claims of the ID Token previously issued by the Authorization Server being passed as a hint about the End-User&#39;s current or past authenticated session with the Client. | [optional] |
+| **login_hint** | **String** | LoginHint hints about the login identifier the End-User might use to log in (if necessary). This hint can be used by an RP if it first asks the End-User for their e-mail address (or other identifier) and then wants to pass that value as a hint to the discovered authorization service. This value MAY also be a phone number in the format specified for the phone_number Claim. The use of this parameter is optional. | [optional] |
+| **ui_locales** | **Array&lt;String&gt;** | UILocales is the End-User&#39;id preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For instance, the value \&quot;fr-CA fr en\&quot; represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation). An error SHOULD NOT result if some or all of the requested locales are not supported by the OpenID Provider. | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OAuth2ConsentRequestOpenIDConnectContext.new(
+  acr_values: null,
+  display: null,
+  id_token_hint_claims: null,
+  login_hint: null,
+  ui_locales: null
+)
+```

data/docs/OAuth2ConsentSession.md ADDED Viewed

@@ -0,0 +1,36 @@
+# OryClient::OAuth2ConsentSession
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **allowed_top_level_claims** | **Array&lt;String&gt;** |  | [optional] |
+| **client_id** | **String** |  | [optional] |
+| **consent_challenge** | **String** |  | [optional] |
+| **exclude_not_before_claim** | **Boolean** |  | [optional] |
+| **extra** | **Hash&lt;String, Object&gt;** |  | [optional] |
+| **headers** | [**Headers**](Headers.md) |  | [optional] |
+| **id_token_claims** | [**IDTokenClaims**](IDTokenClaims.md) |  | [optional] |
+| **kid** | **String** |  | [optional] |
+| **subject** | **String** |  | [optional] |
+| **username** | **String** |  | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OAuth2ConsentSession.new(
+  allowed_top_level_claims: null,
+  client_id: null,
+  consent_challenge: null,
+  exclude_not_before_claim: null,
+  extra: null,
+  headers: null,
+  id_token_claims: null,
+  kid: null,
+  subject: null,
+  username: null
+)
+```

data/docs/OAuth2LoginRequest.md ADDED Viewed

@@ -0,0 +1,34 @@
+# OryClient::OAuth2LoginRequest
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **challenge** | **String** | ID is the identifier (\&quot;login challenge\&quot;) of the login request. It is used to identify the session. |  |
+| **client** | [**OAuth2Client**](OAuth2Client.md) |  |  |
+| **oidc_context** | [**OAuth2ConsentRequestOpenIDConnectContext**](OAuth2ConsentRequestOpenIDConnectContext.md) |  | [optional] |
+| **request_url** | **String** | RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but might come in handy if you want to deal with additional request parameters. |  |
+| **requested_access_token_audience** | **Array&lt;String&gt;** |  |  |
+| **requested_scope** | **Array&lt;String&gt;** |  |  |
+| **session_id** | **String** | SessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) this will be a new random value. This value is used as the \&quot;sid\&quot; parameter in the ID Token and in OIDC Front-/Back- channel logout. It&#39;s value can generally be used to associate consecutive login requests by a certain user. | [optional] |
+| **skip** | **Boolean** | Skip, if true, implies that the client has requested the same scopes from the same user previously. If true, you can skip asking the user to grant the requested scopes, and simply forward the user to the redirect URL.  This feature allows you to update / set session information. |  |
+| **subject** | **String** | Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope requested by the OAuth 2.0 client. If this value is set and &#x60;skip&#x60; is true, you MUST include this subject type when accepting the login request, or the request will fail. |  |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OAuth2LoginRequest.new(
+  challenge: null,
+  client: null,
+  oidc_context: null,
+  request_url: null,
+  requested_access_token_audience: null,
+  requested_scope: null,
+  session_id: null,
+  skip: null,
+  subject: null
+)
+```

data/docs/OAuth2LogoutRequest.md ADDED Viewed

@@ -0,0 +1,28 @@
+# OryClient::OAuth2LogoutRequest
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **challenge** | **String** | Challenge is the identifier (\&quot;logout challenge\&quot;) of the logout authentication request. It is used to identify the session. | [optional] |
+| **client** | [**OAuth2Client**](OAuth2Client.md) |  | [optional] |
+| **request_url** | **String** | RequestURL is the original Logout URL requested. | [optional] |
+| **rp_initiated** | **Boolean** | RPInitiated is set to true if the request was initiated by a Relying Party (RP), also known as an OAuth 2.0 Client. | [optional] |
+| **sid** | **String** | SessionID is the login session ID that was requested to log out. | [optional] |
+| **subject** | **String** | Subject is the user for whom the logout was request. | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OAuth2LogoutRequest.new(
+  challenge: null,
+  client: null,
+  request_url: null,
+  rp_initiated: null,
+  sid: null,
+  subject: null
+)
+```

data/docs/OAuth2TokenResponse.md ADDED Viewed

@@ -0,0 +1,28 @@
+# OryClient::OAuth2TokenResponse
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **access_token** | **String** | The access token issued by the authorization server. | [optional] |
+| **expires_in** | **Integer** | The lifetime in seconds of the access token.  For example, the value \&quot;3600\&quot; denotes that the access token will expire in one hour from the time the response was generated. | [optional] |
+| **id_token** | **Integer** | To retrieve a refresh token request the id_token scope. | [optional] |
+| **refresh_token** | **String** | The refresh token, which can be used to obtain new access tokens. To retrieve it add the scope \&quot;offline\&quot; to your access token request. | [optional] |
+| **scope** | **Integer** | The scope of the access token | [optional] |
+| **token_type** | **String** | The type of the token issued | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OAuth2TokenResponse.new(
+  access_token: null,
+  expires_in: null,
+  id_token: null,
+  refresh_token: null,
+  scope: null,
+  token_type: null
+)
+```

data/docs/OidcConfiguration.md ADDED Viewed

@@ -0,0 +1,74 @@
+# OryClient::OidcConfiguration
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **authorization_endpoint** | **String** | URL of the OP&#39;s OAuth 2.0 Authorization Endpoint. |  |
+| **backchannel_logout_session_supported** | **Boolean** | Boolean value specifying whether the OP can pass a sid (session ID) Claim in the Logout Token to identify the RP session with the OP. If supported, the sid Claim is also included in ID Tokens issued by the OP | [optional] |
+| **backchannel_logout_supported** | **Boolean** | Boolean value specifying whether the OP supports back-channel logout, with true indicating support. | [optional] |
+| **claims_parameter_supported** | **Boolean** | Boolean value specifying whether the OP supports use of the claims parameter, with true indicating support. | [optional] |
+| **claims_supported** | **Array&lt;String&gt;** | JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list. | [optional] |
+| **code_challenge_methods_supported** | **Array&lt;String&gt;** | JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported by this authorization server. | [optional] |
+| **end_session_endpoint** | **String** | URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP. | [optional] |
+| **frontchannel_logout_session_supported** | **Boolean** | Boolean value specifying whether the OP can pass iss (issuer) and sid (session ID) query parameters to identify the RP session with the OP when the frontchannel_logout_uri is used. If supported, the sid Claim is also included in ID Tokens issued by the OP. | [optional] |
+| **frontchannel_logout_supported** | **Boolean** | Boolean value specifying whether the OP supports HTTP-based logout, with true indicating support. | [optional] |
+| **grant_types_supported** | **Array&lt;String&gt;** | JSON array containing a list of the OAuth 2.0 Grant Type values that this OP supports. | [optional] |
+| **id_token_signed_response_alg** | **Array&lt;String&gt;** | Algorithm used to sign OpenID Connect ID Tokens. |  |
+| **id_token_signing_alg_values_supported** | **Array&lt;String&gt;** | JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT. |  |
+| **issuer** | **String** | URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL Identifier. If IssuerURL discovery is supported , this value MUST be identical to the issuer value returned by WebFinger. This also MUST be identical to the iss Claim value in ID Tokens issued from this IssuerURL. |  |
+| **jwks_uri** | **String** | URL of the OP&#39;s JSON Web Key Set [JWK] document. This contains the signing key(s) the RP uses to validate signatures from the OP. The JWK Set MAY also contain the Server&#39;s encryption key(s), which are used by RPs to encrypt requests to the Server. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key&#39;s intended usage. Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. |  |
+| **registration_endpoint** | **String** | URL of the OP&#39;s Dynamic Client Registration Endpoint. | [optional] |
+| **request_object_signing_alg_values_supported** | **Array&lt;String&gt;** | JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects, which are described in Section 6.1 of OpenID Connect Core 1.0 [OpenID.Core]. These algorithms are used both when the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter). | [optional] |
+| **request_parameter_supported** | **Boolean** | Boolean value specifying whether the OP supports use of the request parameter, with true indicating support. | [optional] |
+| **request_uri_parameter_supported** | **Boolean** | Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support. | [optional] |
+| **require_request_uri_registration** | **Boolean** | Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter. | [optional] |
+| **response_modes_supported** | **Array&lt;String&gt;** | JSON array containing a list of the OAuth 2.0 response_mode values that this OP supports. | [optional] |
+| **response_types_supported** | **Array&lt;String&gt;** | JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values. |  |
+| **revocation_endpoint** | **String** | URL of the authorization server&#39;s OAuth 2.0 revocation endpoint. | [optional] |
+| **scopes_supported** | **Array&lt;String&gt;** | SON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server supports. The server MUST support the openid scope value. Servers MAY choose not to advertise some supported scope values even when this parameter is used | [optional] |
+| **subject_types_supported** | **Array&lt;String&gt;** | JSON array containing a list of the Subject Identifier types that this OP supports. Valid types include pairwise and public. |  |
+| **token_endpoint** | **String** | URL of the OP&#39;s OAuth 2.0 Token Endpoint |  |
+| **token_endpoint_auth_methods_supported** | **Array&lt;String&gt;** | JSON array containing a list of Client Authentication methods supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 9 of OpenID Connect Core 1.0 | [optional] |
+| **userinfo_endpoint** | **String** | URL of the OP&#39;s UserInfo Endpoint. | [optional] |
+| **userinfo_signed_response_alg** | **Array&lt;String&gt;** | Algorithm used to sign OpenID Connect Userinfo Responses. |  |
+| **userinfo_signing_alg_values_supported** | **Array&lt;String&gt;** | JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OidcConfiguration.new(
+  authorization_endpoint: https://playground.ory.sh/ory-hydra/public/oauth2/auth,
+  backchannel_logout_session_supported: null,
+  backchannel_logout_supported: null,
+  claims_parameter_supported: null,
+  claims_supported: null,
+  code_challenge_methods_supported: null,
+  end_session_endpoint: null,
+  frontchannel_logout_session_supported: null,
+  frontchannel_logout_supported: null,
+  grant_types_supported: null,
+  id_token_signed_response_alg: null,
+  id_token_signing_alg_values_supported: null,
+  issuer: https://playground.ory.sh/ory-hydra/public/,
+  jwks_uri: https://playground.ory.sh/ory-hydra/public/.well-known/jwks.json,
+  registration_endpoint: https://playground.ory.sh/ory-hydra/admin/client,
+  request_object_signing_alg_values_supported: null,
+  request_parameter_supported: null,
+  request_uri_parameter_supported: null,
+  require_request_uri_registration: null,
+  response_modes_supported: null,
+  response_types_supported: null,
+  revocation_endpoint: null,
+  scopes_supported: null,
+  subject_types_supported: null,
+  token_endpoint: https://playground.ory.sh/ory-hydra/public/oauth2/token,
+  token_endpoint_auth_methods_supported: null,
+  userinfo_endpoint: null,
+  userinfo_signed_response_alg: null,
+  userinfo_signing_alg_values_supported: null
+)
+```

data/docs/OidcUserInfo.md ADDED Viewed

@@ -0,0 +1,54 @@
+# OryClient::OidcUserInfo
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **birthdate** | **String** | End-User&#39;s birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. Note that depending on the underlying platform&#39;s date related function, providing just year can result in varying month and day, so the implementers need to take this factor into account to correctly process the dates. | [optional] |
+| **email** | **String** | End-User&#39;s preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. The RP MUST NOT rely upon this value being unique, as discussed in Section 5.7. | [optional] |
+| **email_verified** | **Boolean** | True if the End-User&#39;s e-mail address has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this e-mail address was controlled by the End-User at the time the verification was performed. The means by which an e-mail address is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. | [optional] |
+| **family_name** | **String** | Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters. | [optional] |
+| **gender** | **String** | End-User&#39;s gender. Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable. | [optional] |
+| **given_name** | **String** | Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters. | [optional] |
+| **locale** | **String** | End-User&#39;s locale, represented as a BCP47 [RFC5646] language tag. This is typically an ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1 Alpha-2 [ISO3166‑1] country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well. | [optional] |
+| **middle_name** | **String** | Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used. | [optional] |
+| **name** | **String** | End-User&#39;s full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User&#39;s locale and preferences. | [optional] |
+| **nickname** | **String** | Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael. | [optional] |
+| **phone_number** | **String** | End-User&#39;s preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234;ext&#x3D;5678. | [optional] |
+| **phone_number_verified** | **Boolean** | True if the End-User&#39;s phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format. | [optional] |
+| **picture** | **String** | URL of the End-User&#39;s profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User. | [optional] |
+| **preferred_username** | **String** | Non-unique shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace. | [optional] |
+| **profile** | **String** | URL of the End-User&#39;s profile page. The contents of this Web page SHOULD be about the End-User. | [optional] |
+| **sub** | **String** | Subject - Identifier for the End-User at the IssuerURL. | [optional] |
+| **updated_at** | **Integer** | Time the End-User&#39;s information was last updated. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time. | [optional] |
+| **website** | **String** | URL of the End-User&#39;s Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with. | [optional] |
+| **zoneinfo** | **String** | String from zoneinfo [zoneinfo] time zone database representing the End-User&#39;s time zone. For example, Europe/Paris or America/Los_Angeles. | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::OidcUserInfo.new(
+  birthdate: null,
+  email: null,
+  email_verified: null,
+  family_name: null,
+  gender: null,
+  given_name: null,
+  locale: null,
+  middle_name: null,
+  name: null,
+  nickname: null,
+  phone_number: null,
+  phone_number_verified: null,
+  picture: null,
+  preferred_username: null,
+  profile: null,
+  sub: null,
+  updated_at: null,
+  website: null,
+  zoneinfo: null
+)
+```

data/docs/Pagination.md CHANGED Viewed

@@ -4,7 +4,9 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
-| **page** | **Integer** | Pagination Page | [optional][default to 1] |
+| **page** | **Integer** | Pagination Page  This value is currently an integer, but it is not sequential. The value is not the page number, but a reference. The next page can be any number and some numbers might return an empty list.  For example, page 2 might not follow after page 1. And even if page 3 and 5 exist, but page 4 might not exist. | [optional][default to 1] |
+| **page_size** | **Integer** | Items per page  This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). | [optional][default to 250] |
+| **page_token** | **String** | Next Page Token  The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). | [optional][default to &#39;1&#39;] |
 | **per_page** | **Integer** | Items per Page  This is the number of items per page. | [optional][default to 250] |
 ## Example
@@ -14,6 +16,8 @@ require 'ory-client'
 instance = OryClient::Pagination.new(
   page: null,
+  page_size: null,
+  page_token: null,
   per_page: null
 )
 ```

data/docs/PaginationHeaders.md ADDED Viewed

@@ -0,0 +1,20 @@
+# OryClient::PaginationHeaders
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **link** | **String** | The link header contains pagination links.  For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination).  in: header | [optional] |
+| **x_total_count** | **String** | The total number of clients.  in: header | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::PaginationHeaders.new(
+  link: null,
+  x_total_count: null
+)
+```

data/docs/PreviousOAuth2ConsentSession.md ADDED Viewed

@@ -0,0 +1,30 @@
+# OryClient::PreviousOAuth2ConsentSession
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **consent_request** | [**OAuth2ConsentRequest**](OAuth2ConsentRequest.md) |  | [optional] |
+| **grant_access_token_audience** | **Array&lt;String&gt;** |  | [optional] |
+| **grant_scope** | **Array&lt;String&gt;** |  | [optional] |
+| **handled_at** | **Time** |  | [optional] |
+| **remember** | **Boolean** | Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same client asks the same user for the same, or a subset of, scope. | [optional] |
+| **remember_for** | **Integer** | RememberFor sets how long the consent authorization should be remembered for in seconds. If set to &#x60;0&#x60;, the authorization will be remembered indefinitely. | [optional] |
+| **session** | [**AcceptOAuth2ConsentRequestSession**](AcceptOAuth2ConsentRequestSession.md) |  | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::PreviousOAuth2ConsentSession.new(
+  consent_request: null,
+  grant_access_token_audience: null,
+  grant_scope: null,
+  handled_at: null,
+  remember: null,
+  remember_for: null,
+  session: null
+)
+```

data/docs/ProjectServiceOAuth2.md ADDED Viewed

@@ -0,0 +1,18 @@
+# OryClient::ProjectServiceOAuth2
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **config** | **Object** |  |  |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::ProjectServiceOAuth2.new(
+  config: null
+)
+```

data/docs/ProjectServices.md CHANGED Viewed

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **identity** | [**ProjectServiceIdentity**](ProjectServiceIdentity.md) |  | [optional] |
+| **oauth2** | [**ProjectServiceOAuth2**](ProjectServiceOAuth2.md) |  | [optional] |
 | **permission** | [**ProjectServicePermission**](ProjectServicePermission.md) |  | [optional] |
 ## Example
@@ -14,6 +15,7 @@ require 'ory-client'
 instance = OryClient::ProjectServices.new(
   identity: null,
+  oauth2: null,
   permission: null
 )
 ```

data/docs/RefreshTokenHookRequest.md ADDED Viewed

@@ -0,0 +1,28 @@
+# OryClient::RefreshTokenHookRequest
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **client_id** | **String** | ClientID is the identifier of the OAuth 2.0 client. | [optional] |
+| **granted_audience** | **Array&lt;String&gt;** | GrantedAudience is the list of audiences granted to the OAuth 2.0 client. | [optional] |
+| **granted_scopes** | **Array&lt;String&gt;** | GrantedScopes is the list of scopes granted to the OAuth 2.0 client. | [optional] |
+| **requester** | [**OAuth2AccessRequest**](OAuth2AccessRequest.md) |  | [optional] |
+| **session** | [**OAuth2ConsentSession**](OAuth2ConsentSession.md) |  | [optional] |
+| **subject** | **String** | Subject is the identifier of the authenticated end-user. | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::RefreshTokenHookRequest.new(
+  client_id: null,
+  granted_audience: null,
+  granted_scopes: null,
+  requester: null,
+  session: null,
+  subject: null
+)
+```

data/docs/RefreshTokenHookResponse.md ADDED Viewed

@@ -0,0 +1,18 @@
+# OryClient::RefreshTokenHookResponse
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **session** | [**AcceptOAuth2ConsentRequestSession**](AcceptOAuth2ConsentRequestSession.md) |  | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::RefreshTokenHookResponse.new(
+  session: null
+)
+```

data/docs/RejectOAuth2Request.md ADDED Viewed

@@ -0,0 +1,26 @@
+# OryClient::RejectOAuth2Request
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **error** | **String** | The error should follow the OAuth2 error format (e.g. &#x60;invalid_request&#x60;, &#x60;login_required&#x60;).  Defaults to &#x60;request_denied&#x60;. | [optional] |
+| **error_debug** | **String** | Debug contains information to help resolve the problem as a developer. Usually not exposed to the public but only in the server logs. | [optional] |
+| **error_description** | **String** | Description of the error in a human readable format. | [optional] |
+| **error_hint** | **String** | Hint to help resolve the error. | [optional] |
+| **status_code** | **Integer** | Represents the HTTP status code of the error (e.g. 401 or 403)  Defaults to 400 | [optional] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::RejectOAuth2Request.new(
+  error: null,
+  error_debug: null,
+  error_description: null,
+  error_hint: null,
+  status_code: null
+)
+```