ory-client 1.1.23 → 1.1.25

data/docs/OAuth2Api.md

@@ -27,7 +27,7 @@ All URIs are relative to *https://playground.projects.oryapis.com*
 | [**reject_o_auth2_login_request**](OAuth2Api.md#reject_o_auth2_login_request) | **PUT** /admin/oauth2/auth/requests/login/reject | Reject OAuth 2.0 Login Request |
 | [**reject_o_auth2_logout_request**](OAuth2Api.md#reject_o_auth2_logout_request) | **PUT** /admin/oauth2/auth/requests/logout/reject | Reject OAuth 2.0 Session Logout Request |
 | [**revoke_o_auth2_consent_sessions**](OAuth2Api.md#revoke_o_auth2_consent_sessions) | **DELETE** /admin/oauth2/auth/sessions/consent | Revoke OAuth 2.0 Consent Sessions of a Subject |
-| [**revoke_o_auth2_login_sessions**](OAuth2Api.md#revoke_o_auth2_login_sessions) | **DELETE** /admin/oauth2/auth/sessions/login | Revokes All OAuth 2.0 Login Sessions of a Subject |
+| [**revoke_o_auth2_login_sessions**](OAuth2Api.md#revoke_o_auth2_login_sessions) | **DELETE** /admin/oauth2/auth/sessions/login | Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID |
 | [**revoke_o_auth2_token**](OAuth2Api.md#revoke_o_auth2_token) | **POST** /oauth2/revoke | Revoke OAuth 2.0 Access or Refresh Token |
 | [**set_o_auth2_client**](OAuth2Api.md#set_o_auth2_client) | **PUT** /admin/clients/{id} | Set OAuth 2.0 Client |
 | [**set_o_auth2_client_lifespans**](OAuth2Api.md#set_o_auth2_client_lifespans) | **PUT** /admin/clients/{id}/lifespans | Set OAuth2 Client Token Lifespans |
@@ -1334,7 +1334,7 @@ end
 
 api_instance = OryClient::OAuth2Api.new
 id = 'id_example' # String | The id of the OAuth 2.0 Client.
-json_patch = [OryClient::JsonPatch.new({op: 'add', path: '/services/identity/config/smtp/from_name'})] # Array<JsonPatch> | OAuth 2.0 Client JSON Patch Body
+json_patch = [OryClient::JsonPatch.new({op: 'add', path: '/name'})] # Array<JsonPatch> | OAuth 2.0 Client JSON Patch Body
 
 begin
   # Patch OAuth 2.0 Client
@@ -1674,11 +1674,11 @@ nil (empty response body)
 
 ## revoke_o_auth2_login_sessions
 
-> revoke_o_auth2_login_sessions(subject)
+> revoke_o_auth2_login_sessions(opts)
 
-Revokes All OAuth 2.0 Login Sessions of a Subject
+Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID
 
-This endpoint invalidates a subject's authentication session. After revoking the authentication session, the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and does not work with OpenID Connect Front- or Back-channel logout.
+This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens.  If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpennID Connect Front- or Back-channel logout is performed in this case.  Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case.
 
 ### Examples
 
@@ -1692,11 +1692,14 @@ OryClient.configure do |config|
 end
 
 api_instance = OryClient::OAuth2Api.new
-subject = 'subject_example' # String | OAuth 2.0 Subject  The subject to revoke authentication sessions for.
+opts = {
+  subject: 'subject_example', # String | OAuth 2.0 Subject  The subject to revoke authentication sessions for.
+  sid: 'sid_example' # String | OAuth 2.0 Subject  The subject to revoke authentication sessions for.
+}
 
 begin
-  # Revokes All OAuth 2.0 Login Sessions of a Subject
-  api_instance.revoke_o_auth2_login_sessions(subject)
+  # Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID
+  api_instance.revoke_o_auth2_login_sessions(opts)
 rescue OryClient::ApiError => e
   puts "Error when calling OAuth2Api->revoke_o_auth2_login_sessions: #{e}"
 end
@@ -1706,12 +1709,12 @@ end
 
 This returns an Array which contains the response data (`nil` in this case), status code and headers.
 
-> <Array(nil, Integer, Hash)> revoke_o_auth2_login_sessions_with_http_info(subject)
+> <Array(nil, Integer, Hash)> revoke_o_auth2_login_sessions_with_http_info(opts)
 
 ```ruby
 begin
-  # Revokes All OAuth 2.0 Login Sessions of a Subject
-  data, status_code, headers = api_instance.revoke_o_auth2_login_sessions_with_http_info(subject)
+  # Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID
+  data, status_code, headers = api_instance.revoke_o_auth2_login_sessions_with_http_info(opts)
   p status_code # => 2xx
   p headers # => { ... }
   p data # => nil
@@ -1724,7 +1727,8 @@ end
 
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
-| **subject** | **String** | OAuth 2.0 Subject  The subject to revoke authentication sessions for. |  |
+| **subject** | **String** | OAuth 2.0 Subject  The subject to revoke authentication sessions for. | [optional] |
+| **sid** | **String** | OAuth 2.0 Subject  The subject to revoke authentication sessions for. | [optional] |
 
 ### Return type
 

data/docs/OAuth2Client.md

@@ -46,7 +46,7 @@
 | **sector_identifier_uri** | **String** | OpenID Connect Sector Identifier URI  URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values. | [optional] |
 | **skip_consent** | **Boolean** | SkipConsent skips the consent screen for this client. This field can only be set from the admin API. | [optional] |
 | **subject_type** | **String** | OpenID Connect Subject Type  The `subject_types_supported` Discovery parameter contains a list of the supported subject_type values for this server. Valid types include `pairwise` and `public`. | [optional] |
-| **token_endpoint_auth_method** | **String** | OAuth 2.0 Token Endpoint Authentication Method  Requested Client Authentication method for the Token Endpoint. The options are:  `client_secret_post`: (default) Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` in the HTTP body. `client_secret_basic`: Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` encoded in the HTTP Authorization header. `private_key_jwt`: Use JSON Web Tokens to authenticate the client. `none`: Used for public clients (native apps, mobile apps) which can not have secrets. | [optional] |
+| **token_endpoint_auth_method** | **String** | OAuth 2.0 Token Endpoint Authentication Method  Requested Client Authentication method for the Token Endpoint. The options are:  `client_secret_basic`: (default) Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` encoded in the HTTP Authorization header. `client_secret_post`: Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` in the HTTP body. `private_key_jwt`: Use JSON Web Tokens to authenticate the client. `none`: Used for public clients (native apps, mobile apps) which can not have secrets. | [optional][default to 'client_secret_basic'] |
 | **token_endpoint_auth_signing_alg** | **String** | OAuth 2.0 Token Endpoint Signing Algorithm  Requested Client Authentication signing algorithm for the Token Endpoint. | [optional] |
 | **tos_uri** | **String** | OAuth 2.0 Client Terms of Service URI  A URL string pointing to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client. | [optional] |
 | **updated_at** | **Time** | OAuth 2.0 Client Last Update Date  UpdatedAt returns the timestamp of the last update. | [optional] |

data/docs/PatchIdentitiesBody.md

@@ -0,0 +1,18 @@
+# OryClient::PatchIdentitiesBody
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **identities** | [**Array<IdentityPatch>**](IdentityPatch.md) | Identities holds the list of patches to apply  required | [optional] |
+
+## Example
+
+```ruby
+require 'ory-client'
+
+instance = OryClient::PatchIdentitiesBody.new(
+  identities: null
+)
+```
+

data/docs/ProjectApi.md

@@ -594,7 +594,7 @@ end
 api_instance = OryClient::ProjectApi.new
 project_id = 'project_id_example' # String | Project ID  The project's ID.
 opts = {
-  json_patch: [OryClient::JsonPatch.new({op: 'add', path: '/services/identity/config/smtp/from_name'})] # Array<JsonPatch> | 
+  json_patch: [OryClient::JsonPatch.new({op: 'add', path: '/name'})] # Array<JsonPatch> | 
 }
 
 begin

data/docs/SettingsFlow.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **active** | **String** | Active, if set, contains the registration method that is being used. It is initially not set. | [optional] |
+| **continue_with** | [**Array<ContinueWith>**](ContinueWith.md) | Contains a list of actions, that could follow this flow  It can, for example, contain a reference to the verification flow, created as part of the user's registration. | [optional] |
 | **expires_at** | **Time** | ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to update the setting, a new flow has to be initiated. |  |
 | **id** | **String** | ID represents the flow's unique ID. When performing the settings flow, this represents the id in the settings ui's query parameter: http://<selfservice.flows.settings.ui_url>?flow=<id> |  |
 | **identity** | [**Identity**](Identity.md) |  |  |
@@ -22,6 +23,7 @@ require 'ory-client'
 
 instance = OryClient::SettingsFlow.new(
   active: null,
+  continue_with: null,
   expires_at: null,
   id: null,
   identity: null,

data/docs/SuccessfulNativeRegistration.md

@@ -4,6 +4,7 @@
 
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
+| **continue_with** | [**Array<ContinueWith>**](ContinueWith.md) | Contains a list of actions, that could follow this flow  It can, for example, this will contain a reference to the verification flow, created as part of the user's registration or the token of the session. | [optional] |
 | **identity** | [**Identity**](Identity.md) |  |  |
 | **session** | [**Session**](Session.md) |  | [optional] |
 | **session_token** | **String** | The Session Token  This field is only set when the session hook is configured as a post-registration hook.  A session token is equivalent to a session cookie, but it can be sent in the HTTP Authorization Header:  Authorization: bearer ${session-token}  The session token is only issued for API flows, not for Browser flows! | [optional] |
@@ -14,6 +15,7 @@
 require 'ory-client'
 
 instance = OryClient::SuccessfulNativeRegistration.new(
+  continue_with: null,
   identity: null,
   session: null,
   session_token: null

data/docs/UpdateVerificationFlowBody.md

@@ -14,6 +14,7 @@ require 'ory-client'
 OryClient::UpdateVerificationFlowBody.openapi_one_of
 # =>
 # [
+#   :'UpdateVerificationFlowWithCodeMethod',
 #   :'UpdateVerificationFlowWithLinkMethod'
 # ]
 ```
@@ -43,6 +44,7 @@ require 'ory-client'
 OryClient::UpdateVerificationFlowBody.openapi_discriminator_mapping
 # =>
 # {
+#   :'code' => :'UpdateVerificationFlowWithCodeMethod',
 #   :'link' => :'UpdateVerificationFlowWithLinkMethod'
 # }
 
@@ -56,7 +58,7 @@ Find the appropriate object from the `openapi_one_of` list and casts the data in
 require 'ory-client'
 
 OryClient::UpdateVerificationFlowBody.build(data)
-# => #<UpdateVerificationFlowWithLinkMethod:0x00007fdd4aab02a0>
+# => #<UpdateVerificationFlowWithCodeMethod:0x00007fdd4aab02a0>
 
 OryClient::UpdateVerificationFlowBody.build(data_that_doesnt_match)
 # => nil
@@ -70,6 +72,7 @@ OryClient::UpdateVerificationFlowBody.build(data_that_doesnt_match)
 
 #### Return type
 
+- `UpdateVerificationFlowWithCodeMethod`
 - `UpdateVerificationFlowWithLinkMethod`
 - `nil` (if no type matches)
 

data/docs/{UpdateVerificationFlowWithCodeMethodBody.md → UpdateVerificationFlowWithCodeMethod.md}

@@ -1,4 +1,4 @@
-# OryClient::UpdateVerificationFlowWithCodeMethodBody
+# OryClient::UpdateVerificationFlowWithCodeMethod
 
 ## Properties
 
@@ -15,7 +15,7 @@
 ```ruby
 require 'ory-client'
 
-instance = OryClient::UpdateVerificationFlowWithCodeMethodBody.new(
+instance = OryClient::UpdateVerificationFlowWithCodeMethod.new(
   code: null,
   csrf_token: null,
   email: null,

data/lib/ory-client/api/courier_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/frontend_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1
@@ -341,7 +341,7 @@ module OryClient
     end
 
     # Create Verification Flow for Browser Clients
-    # This endpoint initializes a browser-based account verification flow. Once initialized, the browser will be redirected to `selfservice.flows.verification.ui_url` with the flow ID set as the query parameter `?flow=`.  If this endpoint is called via an AJAX request, the response contains the recovery flow without any redirects.  This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+    # This endpoint initializes a browser-based account verification flow. Once initialized, the browser will be redirected to `selfservice.flows.verification.ui_url` with the flow ID set as the query parameter `?flow=`.  If this endpoint is called via an AJAX request, the response contains the recovery flow without any redirects.  This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).
     # @param [Hash] opts the optional parameters
     # @option opts [String] :return_to The URL to return the browser to after the flow was completed.
     # @return [VerificationFlow]
@@ -351,7 +351,7 @@ module OryClient
     end
 
     # Create Verification Flow for Browser Clients
-    # This endpoint initializes a browser-based account verification flow. Once initialized, the browser will be redirected to `selfservice.flows.verification.ui_url` with the flow ID set as the query parameter `?flow=`.  If this endpoint is called via an AJAX request, the response contains the recovery flow without any redirects.  This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+    # This endpoint initializes a browser-based account verification flow. Once initialized, the browser will be redirected to `selfservice.flows.verification.ui_url` with the flow ID set as the query parameter `?flow=`.  If this endpoint is called via an AJAX request, the response contains the recovery flow without any redirects.  This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).
     # @param [Hash] opts the optional parameters
     # @option opts [String] :return_to The URL to return the browser to after the flow was completed.
     # @return [Array<(VerificationFlow, Integer, Hash)>] VerificationFlow data, response status code and response headers
@@ -1165,7 +1165,7 @@ module OryClient
     end
 
     # Get Verification Flow
-    # This endpoint returns a verification flow's context with, for example, error details and other information.  Browser flows expect the anti-CSRF cookie to be included in the request's HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail.  If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint:  ```js pseudo-code example router.get('/recovery', async function (req, res) { const flow = await client.getVerificationFlow(req.header('cookie'), req.query['flow'])  res.render('verification', flow) })  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+    # This endpoint returns a verification flow's context with, for example, error details and other information.  Browser flows expect the anti-CSRF cookie to be included in the request's HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail.  If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint:  ```js pseudo-code example router.get('/recovery', async function (req, res) { const flow = await client.getVerificationFlow(req.header('cookie'), req.query['flow'])  res.render('verification', flow) }) ```  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).
     # @param id [String] The Flow ID  The value for this parameter comes from &#x60;request&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).
     # @param [Hash] opts the optional parameters
     # @option opts [String] :cookie HTTP Cookies  When using the SDK on the server side you must include the HTTP Cookie Header originally sent to your HTTP handler here.
@@ -1176,7 +1176,7 @@ module OryClient
     end
 
     # Get Verification Flow
-    # This endpoint returns a verification flow&#39;s context with, for example, error details and other information.  Browser flows expect the anti-CSRF cookie to be included in the request&#39;s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail.  If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint:  &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/recovery&#39;, async function (req, res) { const flow &#x3D; await client.getVerificationFlow(req.header(&#39;cookie&#39;), req.query[&#39;flow&#39;])  res.render(&#39;verification&#39;, flow) })  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+    # This endpoint returns a verification flow&#39;s context with, for example, error details and other information.  Browser flows expect the anti-CSRF cookie to be included in the request&#39;s HTTP Cookie Header. For AJAX requests you must ensure that cookies are included in the request or requests will fail.  If you use the browser-flow for server-side apps, the services need to run on a common top-level-domain and you need to forward the incoming HTTP Cookie header to this endpoint:  &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/recovery&#39;, async function (req, res) { const flow &#x3D; await client.getVerificationFlow(req.header(&#39;cookie&#39;), req.query[&#39;flow&#39;])  res.render(&#39;verification&#39;, flow) }) &#x60;&#x60;&#x60;  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).
     # @param id [String] The Flow ID  The value for this parameter comes from &#x60;request&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).
     # @param [Hash] opts the optional parameters
     # @option opts [String] :cookie HTTP Cookies  When using the SDK on the server side you must include the HTTP Cookie Header originally sent to your HTTP handler here.
@@ -1885,7 +1885,7 @@ module OryClient
     end
 
     # Complete Verification Flow
-    # Use this endpoint to complete a verification flow. This endpoint behaves differently for API and browser flows and has several states:  `choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header `Accept: application/json` it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid and a HTTP 303 See Other redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header `Accept` or with `Accept: text/*` it returns a HTTP 303 See Other redirect to the Verification UI URL with the Verification Flow ID appended. `sent_email` is the success state after `choose_method` when using the `link` method and allows the user to request another verification email. It works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state. `passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow (\"sending a verification link\") does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with a new Verification Flow ID which contains an error message that the verification link was invalid.  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+    # Use this endpoint to complete a verification flow. This endpoint behaves differently for API and browser flows and has several states:  `choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header `Accept: application/json` it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid and a HTTP 303 See Other redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header `Accept` or with `Accept: text/*` it returns a HTTP 303 See Other redirect to the Verification UI URL with the Verification Flow ID appended. `sent_email` is the success state after `choose_method` when using the `link` method and allows the user to request another verification email. It works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state. `passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow (\"sending a verification link\") does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with a new Verification Flow ID which contains an error message that the verification link was invalid.  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).
     # @param flow [String] The Verification Flow ID  The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).
     # @param update_verification_flow_body [UpdateVerificationFlowBody] 
     # @param [Hash] opts the optional parameters
@@ -1898,7 +1898,7 @@ module OryClient
     end
 
     # Complete Verification Flow
-    # Use this endpoint to complete a verification flow. This endpoint behaves differently for API and browser flows and has several states:  &#x60;choose_method&#x60; expects &#x60;flow&#x60; (in the URL query) and &#x60;email&#x60; (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header &#x60;Accept: application/json&#x60; it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid and a HTTP 303 See Other redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header &#x60;Accept&#x60; or with &#x60;Accept: text/*&#x60; it returns a HTTP 303 See Other redirect to the Verification UI URL with the Verification Flow ID appended. &#x60;sent_email&#x60; is the success state after &#x60;choose_method&#x60; when using the &#x60;link&#x60; method and allows the user to request another verification email. It works for both API and Browser-initiated flows and returns the same responses as the flow in &#x60;choose_method&#x60; state. &#x60;passed_challenge&#x60; expects a &#x60;token&#x60; to be sent in the URL query and given the nature of the flow (\&quot;sending a verification link\&quot;) does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with a new Verification Flow ID which contains an error message that the verification link was invalid.  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+    # Use this endpoint to complete a verification flow. This endpoint behaves differently for API and browser flows and has several states:  &#x60;choose_method&#x60; expects &#x60;flow&#x60; (in the URL query) and &#x60;email&#x60; (in the body) to be sent and works with API- and Browser-initiated flows. For API clients and Browser clients with HTTP Header &#x60;Accept: application/json&#x60; it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid and a HTTP 303 See Other redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired). For Browser clients without HTTP Header &#x60;Accept&#x60; or with &#x60;Accept: text/*&#x60; it returns a HTTP 303 See Other redirect to the Verification UI URL with the Verification Flow ID appended. &#x60;sent_email&#x60; is the success state after &#x60;choose_method&#x60; when using the &#x60;link&#x60; method and allows the user to request another verification email. It works for both API and Browser-initiated flows and returns the same responses as the flow in &#x60;choose_method&#x60; state. &#x60;passed_challenge&#x60; expects a &#x60;token&#x60; to be sent in the URL query and given the nature of the flow (\&quot;sending a verification link\&quot;) does not have any API capabilities. The server responds with a HTTP 303 See Other redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with a new Verification Flow ID which contains an error message that the verification link was invalid.  More information can be found at [Ory Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation).
     # @param flow [String] The Verification Flow ID  The value for this parameter comes from &#x60;flow&#x60; URL Query parameter sent to your application (e.g. &#x60;/verification?flow&#x3D;abcde&#x60;).
     # @param update_verification_flow_body [UpdateVerificationFlowBody] 
     # @param [Hash] opts the optional parameters

data/lib/ory-client/api/identity_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1
@@ -19,6 +19,70 @@ module OryClient
     def initialize(api_client = ApiClient.default)
       @api_client = api_client
     end
+    # Create and deletes multiple identities
+    # Creates or delete multiple [identities](https://www.ory.sh/docs/kratos/concepts/identity-user-model). This endpoint can also be used to [import credentials](https://www.ory.sh/docs/kratos/manage-identities/import-user-accounts-identities) for instance passwords, social sign in configurations or multifactor methods.
+    # @param [Hash] opts the optional parameters
+    # @option opts [PatchIdentitiesBody] :patch_identities_body 
+    # @return [BatchPatchIdentitiesResponse]
+    def batch_patch_identities(opts = {})
+      data, _status_code, _headers = batch_patch_identities_with_http_info(opts)
+      data
+    end
+
+    # Create and deletes multiple identities
+    # Creates or delete multiple [identities](https://www.ory.sh/docs/kratos/concepts/identity-user-model). This endpoint can also be used to [import credentials](https://www.ory.sh/docs/kratos/manage-identities/import-user-accounts-identities) for instance passwords, social sign in configurations or multifactor methods.
+    # @param [Hash] opts the optional parameters
+    # @option opts [PatchIdentitiesBody] :patch_identities_body 
+    # @return [Array<(BatchPatchIdentitiesResponse, Integer, Hash)>] BatchPatchIdentitiesResponse data, response status code and response headers
+    def batch_patch_identities_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: IdentityApi.batch_patch_identities ...'
+      end
+      # resource path
+      local_var_path = '/admin/identities'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+          header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'patch_identities_body'])
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'BatchPatchIdentitiesResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oryAccessToken']
+
+      new_options = opts.merge(
+        :operation => :"IdentityApi.batch_patch_identities",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:PATCH, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: IdentityApi#batch_patch_identities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Create an Identity
     # Create an [identity](https://www.ory.sh/docs/kratos/concepts/identity-user-model).  This endpoint can also be used to [import credentials](https://www.ory.sh/docs/kratos/manage-identities/import-user-accounts-identities) for instance passwords, social sign in configurations or multifactor methods.
     # @param [Hash] opts the optional parameters

data/lib/ory-client/api/jwk_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/metadata_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/o_auth2_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1
@@ -1585,35 +1585,34 @@ module OryClient
       return data, status_code, headers
     end
 
-    # Revokes All OAuth 2.0 Login Sessions of a Subject
-    # This endpoint invalidates a subject's authentication session. After revoking the authentication session, the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and does not work with OpenID Connect Front- or Back-channel logout.
-    # @param subject [String] OAuth 2.0 Subject  The subject to revoke authentication sessions for.
+    # Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID
+    # This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens.  If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpennID Connect Front- or Back-channel logout is performed in this case.  Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case.
     # @param [Hash] opts the optional parameters
+    # @option opts [String] :subject OAuth 2.0 Subject  The subject to revoke authentication sessions for.
+    # @option opts [String] :sid OAuth 2.0 Subject  The subject to revoke authentication sessions for.
     # @return [nil]
-    def revoke_o_auth2_login_sessions(subject, opts = {})
-      revoke_o_auth2_login_sessions_with_http_info(subject, opts)
+    def revoke_o_auth2_login_sessions(opts = {})
+      revoke_o_auth2_login_sessions_with_http_info(opts)
       nil
     end
 
-    # Revokes All OAuth 2.0 Login Sessions of a Subject
-    # This endpoint invalidates a subject's authentication session. After revoking the authentication session, the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and does not work with OpenID Connect Front- or Back-channel logout.
-    # @param subject [String] OAuth 2.0 Subject  The subject to revoke authentication sessions for.
+    # Revokes OAuth 2.0 Login Sessions by either a Subject or a SessionID
+    # This endpoint invalidates authentication sessions. After revoking the authentication session(s), the subject has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens.  If you send the subject in a query param, all authentication sessions that belong to that subject are revoked. No OpennID Connect Front- or Back-channel logout is performed in this case.  Alternatively, you can send a SessionID via `sid` query param, in which case, only the session that is connected to that SessionID is revoked. OpenID Connect Back-channel logout is performed in this case.
     # @param [Hash] opts the optional parameters
+    # @option opts [String] :subject OAuth 2.0 Subject  The subject to revoke authentication sessions for.
+    # @option opts [String] :sid OAuth 2.0 Subject  The subject to revoke authentication sessions for.
     # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
-    def revoke_o_auth2_login_sessions_with_http_info(subject, opts = {})
+    def revoke_o_auth2_login_sessions_with_http_info(opts = {})
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: OAuth2Api.revoke_o_auth2_login_sessions ...'
       end
-      # verify the required parameter 'subject' is set
-      if @api_client.config.client_side_validation && subject.nil?
-        fail ArgumentError, "Missing the required parameter 'subject' when calling OAuth2Api.revoke_o_auth2_login_sessions"
-      end
       # resource path
       local_var_path = '/admin/oauth2/auth/sessions/login'
 
       # query parameters
       query_params = opts[:query_params] || {}
-      query_params[:'subject'] = subject
+      query_params[:'subject'] = opts[:'subject'] if !opts[:'subject'].nil?
+      query_params[:'sid'] = opts[:'sid'] if !opts[:'sid'].nil?
 
       # header parameters
       header_params = opts[:header_params] || {}

data/lib/ory-client/api/oidc_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/permission_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/project_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/relationship_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/wellknown_api.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api_client.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api_error.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/configuration.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/accept_o_auth2_consent_request.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/accept_o_auth2_consent_request_session.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/accept_o_auth2_login_request.rb

@@ -3,7 +3,7 @@
 
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers. 
 
-The version of the OpenAPI document: v1.1.23
+The version of the OpenAPI document: v1.1.25
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1
@@ -22,6 +22,9 @@ module OryClient
 
     attr_accessor :context
 
+    # Extend OAuth2 authentication session lifespan  If set to `true`, the OAuth2 authentication cookie lifespan is extended. This is for example useful if you want the user to be able to use `prompt=none` continuously.  This value can only be set to `true` if the user has an authentication, which is the case if the `skip` value is `true`.
+    attr_accessor :extend_session_lifespan
+
     # ForceSubjectIdentifier forces the \"pairwise\" user ID of the end-user that authenticated. The \"pairwise\" user ID refers to the (Pairwise Identifier Algorithm)[http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg] of the OpenID Connect specification. It allows you to set an obfuscated subject (\"user\") identifier that is unique to the client.  Please note that this changes the user ID on endpoint /userinfo and sub claim of the ID Token. It does not change the sub claim in the OAuth 2.0 Introspection.  Per default, ORY Hydra handles this value with its own algorithm. In case you want to set this yourself you can use this field. Please note that setting this field has no effect if `pairwise` is not configured in ORY Hydra or the OAuth 2.0 Client does not expect a pairwise identifier (set via `subject_type` key in the client's configuration).  Please also be aware that ORY Hydra is unable to properly compute this value during authentication. This implies that you have to compute this value on every authentication process (probably depending on the client ID or some other unique value).  If you fail to compute the proper value, then authentication processes which have id_token_hint set might fail.
     attr_accessor :force_subject_identifier
 
@@ -40,6 +43,7 @@ module OryClient
         :'acr' => :'acr',
         :'amr' => :'amr',
         :'context' => :'context',
+        :'extend_session_lifespan' => :'extend_session_lifespan',
         :'force_subject_identifier' => :'force_subject_identifier',
         :'remember' => :'remember',
         :'remember_for' => :'remember_for',
@@ -58,6 +62,7 @@ module OryClient
         :'acr' => :'String',
         :'amr' => :'Array<String>',
         :'context' => :'Object',
+        :'extend_session_lifespan' => :'Boolean',
         :'force_subject_identifier' => :'String',
         :'remember' => :'Boolean',
         :'remember_for' => :'Integer',
@@ -100,6 +105,10 @@ module OryClient
         self.context = attributes[:'context']
       end
 
+      if attributes.key?(:'extend_session_lifespan')
+        self.extend_session_lifespan = attributes[:'extend_session_lifespan']
+      end
+
       if attributes.key?(:'force_subject_identifier')
         self.force_subject_identifier = attributes[:'force_subject_identifier']
       end
@@ -143,6 +152,7 @@ module OryClient
           acr == o.acr &&
           amr == o.amr &&
           context == o.context &&
+          extend_session_lifespan == o.extend_session_lifespan &&
           force_subject_identifier == o.force_subject_identifier &&
           remember == o.remember &&
           remember_for == o.remember_for &&
@@ -158,7 +168,7 @@ module OryClient
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [acr, amr, context, force_subject_identifier, remember, remember_for, subject].hash
+      [acr, amr, context, extend_session_lifespan, force_subject_identifier, remember, remember_for, subject].hash
     end
 
     # Builds the object from hash