RubyGems - ory-client - Versions diffs - 0.2.0.alpha47 → 0.2.0.alpha60 - Mend

ory-client 0.2.0.alpha47 → 0.2.0.alpha60

Files changed (571) hide show

data/spec/api/v0alpha2_api_spec.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v0.2.0-alpha.47
+The version of the OpenAPI document: v0.2.0-alpha.60
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1
@@ -32,6 +32,44 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for admin_accept_o_auth2_consent_request
+  # Accept an OAuth 2.0 Consent Request
+  # When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject&#39;s behalf.  The consent provider which handles this request and is a web app implemented and hosted by you. It shows a subject interface which asks the subject to grant or deny the client access to the requested scope (\&quot;Application my-dropbox-app wants write access to all your private files\&quot;).  The consent challenge is appended to the consent provider&#39;s URL to which the subject&#39;s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if the subject accepted or rejected the request.  This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests.  The response contains a redirect URL which the consent provider should redirect the user-agent to.
+  # @param consent_challenge
+  # @param [Hash] opts the optional parameters
+  # @option opts [AcceptOAuth2ConsentRequest] :accept_o_auth2_consent_request
+  # @return [SuccessfulOAuth2RequestResponse]
+  describe 'admin_accept_o_auth2_consent_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_accept_o_auth2_login_request
+  # Accept an OAuth 2.0 Login Request
+  # When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory Hydra asks the login provider (sometimes called \&quot;identity provider\&quot;) to authenticate the subject and then tell Ory Hydra now about it. The login provider is an web-app you write and host, and it must be able to authenticate (\&quot;show the subject a login screen\&quot;) a subject (in OAuth2 the proper name for subject is \&quot;resource owner\&quot;).  The authentication challenge is appended to the login provider URL to which the subject&#39;s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process.  This endpoint tells ORY Hydra that the subject has successfully authenticated and includes additional information such as the subject&#39;s ID and if ORY Hydra should remember the subject&#39;s subject agent for future authentication attempts by setting a cookie.  The response contains a redirect URL which the login provider should redirect the user-agent to.
+  # @param login_challenge
+  # @param [Hash] opts the optional parameters
+  # @option opts [AcceptOAuth2LoginRequest] :accept_o_auth2_login_request
+  # @return [SuccessfulOAuth2RequestResponse]
+  describe 'admin_accept_o_auth2_login_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_accept_o_auth2_logout_request
+  # Accept an OAuth 2.0 Logout Request
+  # When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm that logout request.  The response contains a redirect URL which the consent provider should redirect the user-agent to.
+  # @param logout_challenge
+  # @param [Hash] opts the optional parameters
+  # @return [SuccessfulOAuth2RequestResponse]
+  describe 'admin_accept_o_auth2_logout_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for admin_create_identity
   # Create an Identity
   # This endpoint creates an identity. Learn how identities work in [Ory Kratos&#39; User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
@@ -44,6 +82,43 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for admin_create_json_web_key_set
+  # Generate a New JSON Web Key
+  # This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created.  A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.
+  # @param set The JSON Web Key Set
+  # @param admin_create_json_web_key_set_body
+  # @param [Hash] opts the optional parameters
+  # @return [JsonWebKeySet]
+  describe 'admin_create_json_web_key_set test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_create_o_auth2_client
+  # Create an OAuth 2.0 Client
+  # Create a new OAuth 2.0 client. If you pass &#x60;client_secret&#x60; the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
+  # @param o_auth2_client
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2Client]
+  describe 'admin_create_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_create_self_service_recovery_code
+  # Create a Recovery Link
+  # This endpoint creates a recovery code which should be given to the user in order for them to recover (or activate) their account.
+  # @param [Hash] opts the optional parameters
+  # @option opts [AdminCreateSelfServiceRecoveryCodeBody] :admin_create_self_service_recovery_code_body
+  # @return [SelfServiceRecoveryCode]
+  describe 'admin_create_self_service_recovery_code test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for admin_create_self_service_recovery_link
   # Create a Recovery Link
   # This endpoint creates a recovery link which should be given to the user in order for them to recover (or activate) their account.
@@ -80,6 +155,67 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for admin_delete_json_web_key
+  # Delete a JSON Web Key
+  # Use this endpoint to delete a single JSON Web Key.  A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.
+  # @param set The JSON Web Key Set
+  # @param kid The JSON Web Key ID (kid)
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'admin_delete_json_web_key test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_delete_json_web_key_set
+  # Delete a JSON Web Key Set
+  # Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set.  A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.
+  # @param set The JSON Web Key Set
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'admin_delete_json_web_key_set test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_delete_o_auth2_client
+  # Deletes an OAuth 2.0 Client
+  # Delete an existing OAuth 2.0 Client by its ID.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.  Make sure that this endpoint is well protected and only callable by first-party components.
+  # @param id The id of the OAuth 2.0 Client.
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'admin_delete_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_delete_o_auth2_token
+  # Delete OAuth2 Access Tokens from a Client
+  # This endpoint deletes OAuth2 access tokens issued for a client from the database
+  # @param client_id
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'admin_delete_o_auth2_token test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_delete_trusted_o_auth2_jwt_grant_issuer
+  # Delete a Trusted OAuth2 JWT Bearer Grant Type Issuer
+  # Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship.  Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grant.
+  # @param id The id of the desired grant
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'admin_delete_trusted_o_auth2_jwt_grant_issuer test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for admin_extend_session
   # Calling this endpoint extends the given session ID. If &#x60;session.earliest_possible_extend&#x60; is set it will only extend the session after the specified time has passed.
   # Retrieve the session ID from the &#x60;/sessions/whoami&#x60; endpoint / &#x60;toSession&#x60; SDK method.
@@ -105,6 +241,119 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for admin_get_json_web_key
+  # Fetch a JSON Web Key
+  # This endpoint returns a singular JSON Web Key. It is identified by the set and the specific key ID (kid).
+  # @param set The JSON Web Key Set
+  # @param kid The JSON Web Key ID (kid)
+  # @param [Hash] opts the optional parameters
+  # @return [JsonWebKeySet]
+  describe 'admin_get_json_web_key test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_get_json_web_key_set
+  # Retrieve a JSON Web Key Set
+  # This endpoint can be used to retrieve JWK Sets stored in ORY Hydra.  A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.
+  # @param set The JSON Web Key Set
+  # @param [Hash] opts the optional parameters
+  # @return [JsonWebKeySet]
+  describe 'admin_get_json_web_key_set test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_get_o_auth2_client
+  # Get an OAuth 2.0 Client
+  # Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
+  # @param id The id of the OAuth 2.0 Client.
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2Client]
+  describe 'admin_get_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_get_o_auth2_consent_request
+  # Get OAuth 2.0 Consent Request Information
+  # When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject&#39;s behalf.  The consent provider which handles this request and is a web app implemented and hosted by you. It shows a subject interface which asks the subject to grant or deny the client access to the requested scope (\&quot;Application my-dropbox-app wants write access to all your private files\&quot;).  The consent challenge is appended to the consent provider&#39;s URL to which the subject&#39;s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if the subject accepted or rejected the request.
+  # @param consent_challenge
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2ConsentRequest]
+  describe 'admin_get_o_auth2_consent_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_get_o_auth2_login_request
+  # Get an OAuth 2.0 Login Request
+  # When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider (sometimes called \&quot;identity provider\&quot;) to authenticate the subject and then tell ORY Hydra now about it. The login provider is an web-app you write and host, and it must be able to authenticate (\&quot;show the subject a login screen\&quot;) a subject (in OAuth2 the proper name for subject is \&quot;resource owner\&quot;).  The authentication challenge is appended to the login provider URL to which the subject&#39;s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process.
+  # @param login_challenge
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2LoginRequest]
+  describe 'admin_get_o_auth2_login_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_get_o_auth2_logout_request
+  # Get an OAuth 2.0 Logout Request
+  # Use this endpoint to fetch a logout request.
+  # @param logout_challenge
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2LogoutRequest]
+  describe 'admin_get_o_auth2_logout_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_get_trusted_o_auth2_jwt_grant_issuer
+  # Get a Trusted OAuth2 JWT Bearer Grant Type Issuer
+  # Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you created the trust relationship.
+  # @param id The id of the desired grant
+  # @param [Hash] opts the optional parameters
+  # @return [TrustedOAuth2JwtGrantIssuer]
+  describe 'admin_get_trusted_o_auth2_jwt_grant_issuer test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_introspect_o_auth2_token
+  # Introspect OAuth2 Access or Refresh Tokens
+  # The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting &#x60;accessTokenExtra&#x60; during the consent flow.  For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection-endpoint/).
+  # @param token The string value of the token. For access tokens, this is the \\\&quot;access_token\\\&quot; value returned from the token endpoint defined in OAuth 2.0. For refresh tokens, this is the \\\&quot;refresh_token\\\&quot; value returned.
+  # @param [Hash] opts the optional parameters
+  # @option opts [String] :scope An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false.
+  # @return [IntrospectedOAuth2Token]
+  describe 'admin_introspect_o_auth2_token test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_list_courier_messages
+  # List Messages
+  # Lists all messages by given status and recipient.
+  # @param [Hash] opts the optional parameters
+  # @option opts [Integer] :per_page Items per Page  This is the number of items per page.
+  # @option opts [Integer] :page Pagination Page  This value is currently an integer, but it is not sequential. The value is not the page number, but a reference. The next page can be any number and some numbers might return an empty list.  For example, page 2 might not follow after page 1. And even if page 3 and 5 exist, but page 4 might not exist.
+  # @option opts [CourierMessageStatus] :status Status filters out messages based on status. If no value is provided, it doesn&#39;t take effect on filter.
+  # @option opts [String] :recipient Recipient filters out messages based on recipient. If no value is provided, it doesn&#39;t take effect on filter.
+  # @return [Array<Message>]
+  describe 'admin_list_courier_messages test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for admin_list_identities
   # List Identities
   # Lists all identities. Does not support search at the moment.  Learn how identities work in [Ory Kratos&#39; User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
@@ -133,9 +382,54 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for admin_list_o_auth2_clients
+  # List OAuth 2.0 Clients
+  # This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients. The &#x60;limit&#x60; parameter can be used to retrieve more clients, but it has an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.  The \&quot;Link\&quot; header is also included in successful responses, which contains one or more links for pagination, formatted like so: &#39;&lt;https://project-slug.projects.oryapis.com/admin/clients?limit&#x3D;{limit}&amp;offset&#x3D;{offset}&gt;; rel&#x3D;\&quot;{page}\&quot;&#39;, where page is one of the following applicable pages: &#39;first&#39;, &#39;next&#39;, &#39;last&#39;, and &#39;previous&#39;. Multiple links can be included in this header, and will be separated by a comma.
+  # @param [Hash] opts the optional parameters
+  # @option opts [Integer] :page_size Items per page  This is the number of items per page to return. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination).
+  # @option opts [String] :page_token Next Page Token  The next page token. For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination).
+  # @option opts [String] :client_name The name of the clients to filter by.
+  # @option opts [String] :owner The owner of the clients to filter by.
+  # @return [Array<OAuth2Client>]
+  describe 'admin_list_o_auth2_clients test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_list_o_auth2_subject_consent_sessions
+  # List OAuth 2.0 Consent Sessions of a Subject
+  # This endpoint lists all subject&#39;s granted consent sessions, including client and granted scope. If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an empty JSON array with status code 200 OK.  The \&quot;Link\&quot; header is also included in successful responses, which contains one or more links for pagination, formatted like so: &#39;&lt;https://hydra-url/admin/oauth2/auth/sessions/consent?subject&#x3D;{user}&amp;limit&#x3D;{limit}&amp;offset&#x3D;{offset}&gt;; rel&#x3D;\&quot;{page}\&quot;&#39;, where page is one of the following applicable pages: &#39;first&#39;, &#39;next&#39;, &#39;last&#39;, and &#39;previous&#39;. Multiple links can be included in this header, and will be separated by a comma.
+  # @param subject The subject to list the consent sessions for.
+  # @param [Hash] opts the optional parameters
+  # @option opts [String] :link The link header contains pagination links.  For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination).
+  # @option opts [String] :x_total_count The total number of clients.
+  # @return [Array<PreviousOAuth2ConsentSession>]
+  describe 'admin_list_o_auth2_subject_consent_sessions test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_list_trusted_o_auth2_jwt_grant_issuers
+  # List Trusted OAuth2 JWT Bearer Grant Type Issuers
+  # Use this endpoint to list all trusted JWT Bearer Grant Type Issuers.
+  # @param [Hash] opts the optional parameters
+  # @option opts [Integer] :max_items
+  # @option opts [Integer] :default_items
+  # @option opts [String] :issuer If optional \&quot;issuer\&quot; is supplied, only jwt-bearer grants with this issuer will be returned.
+  # @option opts [Integer] :limit The maximum amount of policies returned, upper bound is 500 policies
+  # @option opts [Integer] :offset The offset from where to start looking.
+  # @return [Array<TrustedOAuth2JwtGrantIssuer>]
+  describe 'admin_list_trusted_o_auth2_jwt_grant_issuers test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for admin_patch_identity
-  # Partially updates an Identity&#39;s field using [JSON Patch](https://jsonpatch.com/)
-  # NOTE: The fields &#x60;id&#x60;, &#x60;stateChangedAt&#x60; and &#x60;credentials&#x60; are not updateable.  Learn how identities work in [Ory Kratos&#39; User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
+  # Patch an Identity
+  # Partially updates an Identity&#39;s field using [JSON Patch](https://jsonpatch.com/)  NOTE: The fields &#x60;id&#x60;, &#x60;stateChangedAt&#x60; and &#x60;credentials&#x60; are not updateable.  Learn how identities work in [Ory Kratos&#39; User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
   # @param id ID must be set to the ID of identity you want to update
   # @param [Hash] opts the optional parameters
   # @option opts [Array<JsonPatch>] :json_patch
@@ -146,6 +440,96 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for admin_patch_o_auth2_client
+  # Patch an OAuth 2.0 Client
+  # Patch an existing OAuth 2.0 Client. If you pass &#x60;client_secret&#x60; the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
+  # @param id The id of the OAuth 2.0 Client.
+  # @param json_patch
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2Client]
+  describe 'admin_patch_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_reject_o_auth2_consent_request
+  # Reject an OAuth 2.0 Consent Request
+  # When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, he/she must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject&#39;s behalf.  The consent provider which handles this request and is a web app implemented and hosted by you. It shows a subject interface which asks the subject to grant or deny the client access to the requested scope (\&quot;Application my-dropbox-app wants write access to all your private files\&quot;).  The consent challenge is appended to the consent provider&#39;s URL to which the subject&#39;s user-agent (browser) is redirected to. The consent provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if the subject accepted or rejected the request.  This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. The consent provider must include a reason why the consent was not granted.  The response contains a redirect URL which the consent provider should redirect the user-agent to.
+  # @param consent_challenge
+  # @param [Hash] opts the optional parameters
+  # @option opts [RejectOAuth2Request] :reject_o_auth2_request
+  # @return [SuccessfulOAuth2RequestResponse]
+  describe 'admin_reject_o_auth2_consent_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_reject_o_auth2_login_request
+  # Reject an OAuth 2.0 Login Request
+  # When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider (sometimes called \&quot;identity provider\&quot;) to authenticate the subject and then tell ORY Hydra now about it. The login provider is an web-app you write and host, and it must be able to authenticate (\&quot;show the subject a login screen\&quot;) a subject (in OAuth2 the proper name for subject is \&quot;resource owner\&quot;).  The authentication challenge is appended to the login provider URL to which the subject&#39;s user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process.  This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the authentication was denied.  The response contains a redirect URL which the login provider should redirect the user-agent to.
+  # @param login_challenge
+  # @param [Hash] opts the optional parameters
+  # @option opts [RejectOAuth2Request] :reject_o_auth2_request
+  # @return [SuccessfulOAuth2RequestResponse]
+  describe 'admin_reject_o_auth2_login_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_reject_o_auth2_logout_request
+  # Reject an OAuth 2.0 Logout Request
+  # When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny that logout request. No body is required.  The response is empty as the logout provider has to chose what action to perform next.
+  # @param logout_challenge
+  # @param [Hash] opts the optional parameters
+  # @option opts [RejectOAuth2Request] :reject_o_auth2_request
+  # @return [nil]
+  describe 'admin_reject_o_auth2_logout_request test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_revoke_o_auth2_consent_sessions
+  # Revokes OAuth 2.0 Consent Sessions of a Subject for a Specific OAuth 2.0 Client
+  # This endpoint revokes a subject&#39;s granted consent sessions for a specific OAuth 2.0 Client and invalidates all associated OAuth 2.0 Access Tokens.
+  # @param subject The subject (Subject) whose consent sessions should be deleted.
+  # @param [Hash] opts the optional parameters
+  # @option opts [String] :client If set, deletes only those consent sessions by the Subject that have been granted to the specified OAuth 2.0 Client ID
+  # @option opts [Boolean] :all If set to &#x60;true&#x60; deletes all consent sessions by the Subject that have been granted.
+  # @return [nil]
+  describe 'admin_revoke_o_auth2_consent_sessions test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_revoke_o_auth2_login_sessions
+  # Invalidates All OAuth 2.0 Login Sessions of a Certain User
+  # This endpoint invalidates a subject&#39;s authentication session. After revoking the authentication session, the subject has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work with OpenID Connect Front- or Back-channel logout.
+  # @param subject The subject to revoke authentication sessions for.
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'admin_revoke_o_auth2_login_sessions test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_trust_o_auth2_jwt_grant_issuer
+  # Trust an OAuth2 JWT Bearer Grant Type Issuer
+  # Use this endpoint to establish a trust relationship for a JWT issuer to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523).
+  # @param [Hash] opts the optional parameters
+  # @option opts [AdminTrustOAuth2JwtGrantIssuerBody] :admin_trust_o_auth2_jwt_grant_issuer_body
+  # @return [TrustedOAuth2JwtGrantIssuer]
+  describe 'admin_trust_o_auth2_jwt_grant_issuer test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for admin_update_identity
   # Update an Identity
   # This endpoint updates an identity. The full identity payload (except credentials) is expected. This endpoint does not support patching.  Learn how identities work in [Ory Kratos&#39; User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
@@ -159,8 +543,48 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for admin_update_json_web_key
+  # Update a JSON Web Key
+  # Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own.  A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.
+  # @param set The JSON Web Key Set
+  # @param kid The JSON Web Key ID (kid)
+  # @param [Hash] opts the optional parameters
+  # @option opts [JsonWebKey] :json_web_key
+  # @return [JsonWebKey]
+  describe 'admin_update_json_web_key test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_update_json_web_key_set
+  # Update a JSON Web Key Set
+  # Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own.  A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well.
+  # @param set The JSON Web Key Set
+  # @param [Hash] opts the optional parameters
+  # @option opts [JsonWebKeySet] :json_web_key_set
+  # @return [JsonWebKeySet]
+  describe 'admin_update_json_web_key_set test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for admin_update_o_auth2_client
+  # Update an OAuth 2.0 Client
+  # Update an existing OAuth 2.0 Client. If you pass &#x60;client_secret&#x60; the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
+  # @param id The id of the OAuth 2.0 Client.
+  # @param o_auth2_client
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2Client]
+  describe 'admin_update_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for create_project
-  # # Create a Project
+  # Create a Project
   # Creates a new project.
   # @param [Hash] opts the optional parameters
   # @option opts [CreateProjectBody] :create_project_body
@@ -172,7 +596,7 @@ describe 'V0alpha2Api' do
   end
   # unit tests for create_project_api_key
-  # # Create API Token
+  # Create API Token
   # Create an API token for a project.
   # @param project The Project ID or Project slug
   # @param [Hash] opts the optional parameters
@@ -197,7 +621,7 @@ describe 'V0alpha2Api' do
   end
   # unit tests for delete_project_api_key
-  # # Delete API Token
+  # Delete API Token
   # Deletes an API Token and immediately removes it.
   # @param project The Project ID or Project slug
   # @param token_id The Token ID
@@ -209,6 +633,77 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for discover_json_web_keys
+  # Discover JSON Web Keys
+  # This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others.
+  # @param [Hash] opts the optional parameters
+  # @return [JsonWebKeySet]
+  describe 'discover_json_web_keys test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for discover_oidc_configuration
+  # OpenID Connect Discovery
+  # The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage you to not roll your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn more on this flow at https://openid.net/specs/openid-connect-discovery-1_0.html .  Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), and others. For a full list of clients go here: https://openid.net/developers/certified/
+  # @param [Hash] opts the optional parameters
+  # @return [OidcConfiguration]
+  describe 'discover_oidc_configuration test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for dynamic_client_registration_create_o_auth2_client
+  # Register an OAuth 2.0 Client using the OpenID / OAuth2 Dynamic Client Registration Management Protocol
+  # This endpoint behaves like the administrative counterpart (&#x60;createOAuth2Client&#x60;) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator.  Please note that using this endpoint you are not able to choose the &#x60;client_secret&#x60; nor the &#x60;client_id&#x60; as those values will be server generated when specifying &#x60;token_endpoint_auth_method&#x60; as &#x60;client_secret_basic&#x60; or &#x60;client_secret_post&#x60;.  The &#x60;client_secret&#x60; will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somewhere safe.
+  # @param o_auth2_client
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2Client]
+  describe 'dynamic_client_registration_create_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for dynamic_client_registration_delete_o_auth2_client
+  # Deletes an OAuth 2.0 Client using the OpenID / OAuth2 Dynamic Client Registration Management Protocol
+  # This endpoint behaves like the administrative counterpart (&#x60;deleteOAuth2Client&#x60;) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator.  To use this endpoint, you will need to present the client&#39;s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method &#x60;client_secret_post&#x60;, you need to present the client secret in the URL query. If it uses &#x60;client_secret_basic&#x60;, present the Client ID and the Client Secret in the Authorization header.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
+  # @param id The id of the OAuth 2.0 Client.
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'dynamic_client_registration_delete_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for dynamic_client_registration_get_o_auth2_client
+  # Get an OAuth 2.0 Client using the OpenID / OAuth2 Dynamic Client Registration Management Protocol
+  # This endpoint behaves like the administrative counterpart (&#x60;getOAuth2Client&#x60;) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator.  To use this endpoint, you will need to present the client&#39;s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method &#x60;client_secret_post&#x60;, you need to present the client secret in the URL query. If it uses &#x60;client_secret_basic&#x60;, present the Client ID and the Client Secret in the Authorization header.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
+  # @param id The id of the OAuth 2.0 Client.
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2Client]
+  describe 'dynamic_client_registration_get_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for dynamic_client_registration_update_o_auth2_client
+  # Update an OAuth 2.0 Client using the OpenID / OAuth2 Dynamic Client Registration Management Protocol
+  # This endpoint behaves like the administrative counterpart (&#x60;updateOAuth2Client&#x60;) but is capable of facing the public internet directly and can be used in self-service. It implements the OpenID Connect Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint is disabled by default. It can be enabled by an administrator.  If you pass &#x60;client_secret&#x60; the secret is used, otherwise a random secret is generated. The secret is echoed in the response. It is not possible to retrieve it later on.  To use this endpoint, you will need to present the client&#39;s authentication credentials. If the OAuth2 Client uses the Token Endpoint Authentication Method &#x60;client_secret_post&#x60;, you need to present the client secret in the URL query. If it uses &#x60;client_secret_basic&#x60;, present the Client ID and the Client Secret in the Authorization header.  OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
+  # @param id The id of the OAuth 2.0 Client.
+  # @param o_auth2_client
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2Client]
+  describe 'dynamic_client_registration_update_o_auth2_client test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for get_identity_schema
   # Get a JSON Schema
   # @param id ID must be set to the ID of schema you want to get
@@ -220,8 +715,19 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for get_oidc_user_info
+  # OpenID Connect Userinfo
+  # This endpoint returns the payload of the ID Token, including the idTokenExtra values, of the provided OAuth 2.0 Access Token.  For more information please [refer to the spec](http://openid.net/specs/openid-connect-core-1_0.html#UserInfo).  In the case of authentication error, a WWW-Authenticate header might be set in the response with more information about the error. See [the spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) for more details about header format.
+  # @param [Hash] opts the optional parameters
+  # @return [OidcUserInfo]
+  describe 'get_oidc_user_info test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for get_project
-  # # Get a Project
+  # Get a Project
   # Get a projects you have access to by its ID.
   # @param project_id Project ID  The project&#39;s ID.
   # @param [Hash] opts the optional parameters
@@ -310,7 +816,7 @@ describe 'V0alpha2Api' do
   end
   # unit tests for get_self_service_verification_flow
-  # # Get Verification Flow
+  # Get Verification Flow
   # This endpoint returns a verification flow&#39;s context with, for example, error details and other information.  Browser flows expect the anti-CSRF cookie to be included in the request&#39;s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail.  If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint:  &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/recovery&#39;, async function (req, res) { const flow &#x3D; await client.getSelfServiceVerificationFlow(req.header(&#39;cookie&#39;), req.query[&#39;flow&#39;])  res.render(&#39;verification&#39;, flow) })  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
   # @param id The Flow ID  The value for this parameter comes from &#x60;request&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).
   # @param [Hash] opts the optional parameters
@@ -340,6 +846,7 @@ describe 'V0alpha2Api' do
   # @option opts [Boolean] :refresh Refresh a login session  If set to true, this will refresh an existing login session by asking the user to sign in again. This will reset the authenticated_at time of the session.
   # @option opts [String] :aal Request a Specific AuthenticationMethod Assurance Level  Use this parameter to upgrade an existing session&#39;s authenticator assurance level (AAL). This allows you to ask for multi-factor authentication. When an identity sign in using e.g. username+password, the AAL is 1. If you wish to \&quot;upgrade\&quot; the session&#39;s security by asking the user to perform TOTP / WebAuth/ ... you would set this to \&quot;aal2\&quot;.
   # @option opts [String] :return_to The URL to return the browser to after the flow was completed.
+  # @option opts [String] :cookie HTTP Cookies  When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.
   # @return [SelfServiceLoginFlow]
   describe 'initialize_self_service_login_flow_for_browsers test' do
     it 'should work' do
@@ -375,7 +882,7 @@ describe 'V0alpha2Api' do
   # unit tests for initialize_self_service_recovery_flow_without_browser
   # Initialize Recovery Flow for APIs, Services, Apps, ...
-  # This endpoint initiates a recovery flow for API clients such as mobile devices, smart TVs, and so on.  If a valid provided session cookie or session token is provided, a 400 Bad Request error.  To fetch an existing recovery flow call &#x60;/self-service/recovery/flows?flow&#x3D;&lt;flow_id&gt;&#x60;.  You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks.  This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...).   More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).
+  # This endpoint initiates a recovery flow for API clients such as mobile devices, smart TVs, and so on.  If a valid provided session cookie or session token is provided, a 400 Bad Request error.  To fetch an existing recovery flow call &#x60;/self-service/recovery/flows?flow&#x3D;&lt;flow_id&gt;&#x60;.  You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make you vulnerable to a variety of CSRF attacks.  This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...).  More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery).
   # @param [Hash] opts the optional parameters
   # @return [SelfServiceRecoveryFlow]
   describe 'initialize_self_service_recovery_flow_without_browser test' do
@@ -412,6 +919,7 @@ describe 'V0alpha2Api' do
   # This endpoint initializes a browser-based user settings flow. Once initialized, the browser will be redirected to &#x60;selfservice.flows.settings.ui_url&#x60; with the flow ID set as the query parameter &#x60;?flow&#x3D;&#x60;. If no valid Ory Kratos Session Cookie is included in the request, a login flow will be initialized.  If this endpoint is opened as a link in the browser, it will be redirected to &#x60;selfservice.flows.settings.ui_url&#x60; with the flow ID set as the query parameter &#x60;?flow&#x3D;&#x60;. If no valid user session was set, the browser will be redirected to the login endpoint.  If this endpoint is called via an AJAX request, the response contains the settings flow without any redirects or a 401 forbidden error if no valid session was set.  Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor (happens automatically for server-side browser flows) or change the configuration.  If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the &#x60;error.id&#x60; of the JSON response body can be one of:  &#x60;security_csrf_violation&#x60;: Unable to fetch the flow because a CSRF violation occurred. &#x60;session_inactive&#x60;: No Ory Session was found - sign in a user first. &#x60;security_identity_mismatch&#x60;: The requested &#x60;?return_to&#x60; address is not allowed to be used. Adjust this in the configuration!  This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, ...) as cookies are needed.  More information can be found at [Ory Kratos User Settings &amp; Profile Management Documentation](../self-service/flows/user-settings).
   # @param [Hash] opts the optional parameters
   # @option opts [String] :return_to The URL to return the browser to after the flow was completed.
+  # @option opts [String] :cookie HTTP Cookies  When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.
   # @return [SelfServiceSettingsFlow]
   describe 'initialize_self_service_settings_flow_for_browsers test' do
     it 'should work' do
@@ -467,7 +975,7 @@ describe 'V0alpha2Api' do
   end
   # unit tests for list_project_api_keys
-  # # List a Project&#39;s API Tokens
+  # List a Project&#39;s API Tokens
   # A list of all the project&#39;s API tokens.
   # @param project The Project ID or Project slug
   # @param [Hash] opts the optional parameters
@@ -479,7 +987,7 @@ describe 'V0alpha2Api' do
   end
   # unit tests for list_projects
-  # # List All Projects
+  # List All Projects
   # Lists all projects you have access to.
   # @param [Hash] opts the optional parameters
   # @return [Array<ProjectMetadata>]
@@ -517,8 +1025,46 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for perform_o_auth2_authorization_flow
+  # The OAuth 2.0 Authorize Endpoint
+  # This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists.  To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749
+  # @param [Hash] opts the optional parameters
+  # @return [OAuth2ApiError]
+  describe 'perform_o_auth2_authorization_flow test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for perform_o_auth2_token_flow
+  # The OAuth 2.0 Token Endpoint
+  # The client makes a request to the token endpoint by sending the following parameters using the \&quot;application/x-www-form-urlencoded\&quot; HTTP request entity-body.  &gt; Do not implement a client for this endpoint yourself. Use a library. There are many libraries &gt; available for any programming language. You can find a list of libraries here: https://oauth.net/code/ &gt; &gt; Do note that Hydra SDK does not implement this endpoint properly. Use one of the libraries listed above
+  # @param grant_type
+  # @param [Hash] opts the optional parameters
+  # @option opts [String] :client_id
+  # @option opts [String] :code
+  # @option opts [String] :redirect_uri
+  # @option opts [String] :refresh_token
+  # @return [OAuth2TokenResponse]
+  describe 'perform_o_auth2_token_flow test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
+  # unit tests for perform_oidc_front_or_back_channel_logout
+  # OpenID Connect Front- or Back-channel Enabled Logout
+  # This endpoint initiates and completes user logout at Ory Hydra and initiates OpenID Connect Front- / Back-channel logout:  https://openid.net/specs/openid-connect-frontchannel-1_0.html https://openid.net/specs/openid-connect-backchannel-1_0.html  Back-channel logout is performed asynchronously and does not affect logout flow.
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'perform_oidc_front_or_back_channel_logout test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for purge_project
-  # # Irrecoverably Purge a Project
+  # Irrecoverably Purge a Project
   # !! Use with extreme caution !!  Using this API endpoint you can purge (completely delete) a project and its data. This action can not be undone and will delete ALL your data.  !! Use with extreme caution !!
   # @param project_id Project ID  The project&#39;s ID.
   # @param [Hash] opts the optional parameters
@@ -542,6 +1088,18 @@ describe 'V0alpha2Api' do
     end
   end
+  # unit tests for revoke_o_auth2_token
+  # Revoke an OAuth2 Access or Refresh Token
+  # Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by the client the token was generated for.
+  # @param token
+  # @param [Hash] opts the optional parameters
+  # @return [nil]
+  describe 'revoke_o_auth2_token test' do
+    it 'should work' do
+      # assertion here. ref: https://www.relishapp.com/rspec/rspec-expectations/docs/built-in-matchers
+    end
+  end
   # unit tests for revoke_session
   # Calling this endpoint invalidates the specified session. The current session cannot be revoked. Session data are not deleted.
   # This endpoint is useful for:  To forcefully logout the current user from another device or session
@@ -652,7 +1210,7 @@ describe 'V0alpha2Api' do
   end
   # unit tests for submit_self_service_verification_flow
-  # # Complete Verification Flow
+  # Complete Verification Flow
   # Use this endpoint to complete a verification flow. This endpoint behaves differently for API and browser flows and has several states:  &#x60;choose_method&#x60; expects &#x60;flow&#x60; (in the URL query) and &#x60;email&#x60; (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header &#x60;Accept: application/json&#x60; it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid and a HTTP 303 See Other redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header &#x60;Accept&#x60; or with &#x60;Accept: text/*&#x60; it returns a HTTP 303 See Other redirect to the Verification UI URL with the Verification Flow ID appended. &#x60;sent_email&#x60; is the success state after &#x60;choose_method&#x60; when using the &#x60;link&#x60; method and allows the user to request another verification email. It works for both API and Browser-initiated flows and returns the same responses as the flow in &#x60;choose_method&#x60; state. &#x60;passed_challenge&#x60; expects a &#x60;token&#x60; to be sent in the URL query and given the nature of the flow (\&quot;sending a verification link\&quot;) does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with a new Verification Flow ID which contains an error message that the verification link was invalid.  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
   # @param flow The Verification Flow ID  The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).
   # @param submit_self_service_verification_flow_body
@@ -668,7 +1226,7 @@ describe 'V0alpha2Api' do
   # unit tests for to_session
   # Check Who the Current HTTP Session Belongs To
-  # Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. Additionally when the request it successful it adds the user ID to the &#39;X-Kratos-Authenticated-Identity-Id&#39; header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/protected-endpoint&#39;, async function (req, res) { const session &#x3D; await client.toSession(undefined, req.header(&#39;cookie&#39;))  console.log(session) }) &#x60;&#x60;&#x60;  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  &#x60;&#x60;&#x60;js pseudo-code example ... const session &#x3D; await client.toSession(\&quot;the-session-token\&quot;)  console.log(session) &#x60;&#x60;&#x60;  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the &#x60;X-Session-Token&#x60; header!  This endpoint authenticates users by checking  if the &#x60;Cookie&#x60; HTTP header was set containing an Ory Kratos Session Cookie; if the &#x60;Authorization: bearer &lt;ory-session-token&gt;&#x60; HTTP header was set with a valid Ory Kratos Session Token; if the &#x60;X-Session-Token&#x60; HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cooke or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The &#x60;error.id&#x60; can be one of:  &#x60;session_inactive&#x60;: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). &#x60;session_aal2_required&#x60;: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
+  # Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. Additionally when the request it successful it adds the user ID to the &#39;X-Kratos-Authenticated-Identity-Id&#39; header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/protected-endpoint&#39;, async function (req, res) { const session &#x3D; await client.toSession(undefined, req.header(&#39;cookie&#39;))  console.log(session) }) &#x60;&#x60;&#x60;  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  &#x60;&#x60;&#x60;js pseudo-code example ... const session &#x3D; await client.toSession(\&quot;the-session-token\&quot;)  console.log(session) &#x60;&#x60;&#x60;  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the &#x60;X-Session-Token&#x60; header!  # This endpoint authenticates users by checking  if the &#x60;Cookie&#x60; HTTP header was set containing an Ory Kratos Session Cookie; if the &#x60;Authorization: bearer &lt;ory-session-token&gt;&#x60; HTTP header was set with a valid Ory Kratos Session Token; if the &#x60;X-Session-Token&#x60; HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cooke or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The &#x60;error.id&#x60; can be one of:  &#x60;session_inactive&#x60;: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). &#x60;session_aal2_required&#x60;: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
   # @param [Hash] opts the optional parameters
   # @option opts [String] :x_session_token Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.
   # @option opts [String] :cookie Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;.  It is ok if more than one cookie are included here as all other cookies will be ignored.
@@ -680,7 +1238,7 @@ describe 'V0alpha2Api' do
   end
   # unit tests for update_project
-  # # Update an Ory Cloud Project Configuration
+  # Update an Ory Cloud Project Configuration
   # This endpoints allows you to update the Ory Cloud Project configuration for individual services (identity, permission, ...). The configuration is fully compatible with the open source projects for the respective services (e.g. Ory Kratos for Identity, Ory Keto for Permissions).  This endpoint expects the &#x60;version&#x60; key to be set in the payload. If it is unset, it will try to import the config as if it is from the most recent version.  If you have an older version of a configuration, you should set the version key in the payload!  While this endpoint is able to process all configuration items related to features (e.g. password reset), it does not support operational configuration items (e.g. port, tracing, logging) otherwise available in the open source.  For configuration items that can not be translated to Ory Cloud, this endpoint will return a list of warnings to help you understand which parts of your config could not be processed.  Be aware that updating any service&#39;s configuration will completely override your current configuration for that service!
   # @param project_id Project ID  The project&#39;s ID.
   # @param [Hash] opts the optional parameters