RubyGems - ory-client - Versions diffs - 1.2.6 → 1.2.8 - Mend

ory-client 1.2.6 → 1.2.8

Files changed (485) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a35c9f3d5ce1cee80f56d554568481e3fff6c153ed6019e60cc93a381f8c119a
-  data.tar.gz: 9dc9da5c79e40a46f932dfd6329dfc27375777b521538c0afbdafd9e7a6312b4
+  metadata.gz: 494a3973952e1081414cf0665a4e12f3c4c990d0ce7389b71c1c24fe6652258a
+  data.tar.gz: b2136c77041f520496b618b9ca20f50200284e60bc9211cc21eeafa734b59440
 SHA512:
-  metadata.gz: 30f0dc837306bd3fcc196b07f05d8dfcd31962668e08d6ee2d052c3426c298fb2d5655ab1872a0fb5353e980425abba85874a17c1907abae542f237880d0b7bf
-  data.tar.gz: 3339e24aded743627e2012f476096b18f90c570a2724f4a3309cdd49a8d592aeb4bcfbb177832286f3226333c330db69643affb75fd6567639937a5df1838807
+  metadata.gz: a1b7af8673a23458334af152c2449e07d38f1c1e0ab1a1c483753f932bf93c74a16a02b044e9949bd5b3d8e1dda3c487ada6e0e405c9e7e12733e23c2c6894ae
+  data.tar.gz: 9651dee0b489ce8af8e31844773dc13aa39e95fdf0be8b7455523fa297d55d00f6cd5fb1bbdb4239771acf036f5315e2e50c63b9f90251adb2af27e4a6dc1df6

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    ory-client (1.2.6)
+    ory-client (1.2.8)
       typhoeus (~> 1.0, >= 1.0.1)
 GEM

data/README.md CHANGED Viewed

@@ -8,8 +8,8 @@ with a valid Personal Access Token. Public APIs are mostly used in browsers.
 This SDK is automatically generated by the [OpenAPI Generator](https://openapi-generator.tech) project:
-- API version: v1.2.6
-- Package version: v1.2.6
+- API version: v1.2.8
+- Package version: v1.2.8
 - Build package: org.openapitools.codegen.languages.RubyClientCodegen
 ## Installation
@@ -25,16 +25,16 @@ gem build ory-client.gemspec
 Then either install the gem locally:
 ```shell
-gem install ./ory-client-v1.2.6.gem
+gem install ./ory-client-v1.2.8.gem
 ```
-(for development, run `gem install --dev ./ory-client-v1.2.6.gem` to install the development dependencies)
+(for development, run `gem install --dev ./ory-client-v1.2.8.gem` to install the development dependencies)
 or publish the gem to a gem hosting service, e.g. [RubyGems](https://rubygems.org/).
 Finally add this to the Gemfile:
-    gem 'ory-client', '~> v1.2.6'
+    gem 'ory-client', '~> v1.2.8'
 ### Install from Git
@@ -305,6 +305,7 @@ Class | Method | HTTP request | Description
  - [OryClient::NormalizedProjectRevisionHook](docs/NormalizedProjectRevisionHook.md)
  - [OryClient::NormalizedProjectRevisionIdentitySchema](docs/NormalizedProjectRevisionIdentitySchema.md)
  - [OryClient::NormalizedProjectRevisionThirdPartyProvider](docs/NormalizedProjectRevisionThirdPartyProvider.md)
+ - [OryClient::NormalizedProjectRevisionTokenizerTemplate](docs/NormalizedProjectRevisionTokenizerTemplate.md)
  - [OryClient::OAuth2Client](docs/OAuth2Client.md)
  - [OryClient::OAuth2ClientTokenLifespans](docs/OAuth2ClientTokenLifespans.md)
  - [OryClient::OAuth2ConsentRequest](docs/OAuth2ConsentRequest.md)

data/docs/FrontendApi.md CHANGED Viewed

@@ -1591,7 +1591,7 @@ No authorization required
 Check Who the Current HTTP Session Belongs To
-Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  ```js pseudo-code example router.get('/protected-endpoint', async function (req, res) { const session = await client.toSession(undefined, req.header('cookie'))  console.log(session) }) ```  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  ```js pseudo-code example ... const session = await client.toSession(\"the-session-token\")  console.log(session) ```  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the `X-Session-Token` header!  This endpoint authenticates users by checking:  if the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie; if the `Authorization: bearer <ory-session-token>` HTTP header was set with a valid Ory Kratos Session Token; if the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The `error.id` can be one of:  `session_inactive`: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). `session_aal2_required`: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
+Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  ```js pseudo-code example router.get('/protected-endpoint', async function (req, res) { const session = await client.toSession(undefined, req.header('cookie'))  console.log(session) }) ```  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  ```js pseudo-code example ... const session = await client.toSession(\"the-session-token\")  console.log(session) ```  When using a token template, the token is included in the `tokenized` field of the session.  ```js pseudo-code example ... const session = await client.toSession(\"the-session-token\", { tokenize_as: \"example-jwt-template\" })  console.log(session.tokenized) // The JWT ```  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the `X-Session-Token` header!  This endpoint authenticates users by checking:  if the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie; if the `Authorization: bearer <ory-session-token>` HTTP header was set with a valid Ory Kratos Session Token; if the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The `error.id` can be one of:  `session_inactive`: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). `session_aal2_required`: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
 ### Examples
@@ -1602,7 +1602,8 @@ require 'ory-client'
 api_instance = OryClient::FrontendApi.new
 opts = {
   x_session_token: 'MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj', # String | Set the Session Token when calling from non-browser clients. A session token has a format of `MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj`.
-  cookie: 'ory_session=a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f==' # String | Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: `ory_kratos_session=a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f==`.  It is ok if more than one cookie are included here as all other cookies will be ignored.
+  cookie: 'ory_session=a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f==', # String | Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: `ory_kratos_session=a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f==`.  It is ok if more than one cookie are included here as all other cookies will be ignored.
+  tokenize_as: 'tokenize_as_example' # String | Returns the session additionally as a token (such as a JWT)  The value of this parameter has to be a valid, configured Ory Session token template. For more information head over to [the documentation](http://ory.sh/docs/identities/session-to-jwt-cors).
 }
 begin
@@ -1638,6 +1639,7 @@ end
 | ---- | ---- | ----------- | ----- |
 | **x_session_token** | **String** | Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;. | [optional] |
 | **cookie** | **String** | Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;.  It is ok if more than one cookie are included here as all other cookies will be ignored. | [optional] |
+| **tokenize_as** | **String** | Returns the session additionally as a token (such as a JWT)  The value of this parameter has to be a valid, configured Ory Session token template. For more information head over to [the documentation](http://ory.sh/docs/identities/session-to-jwt-cors). | [optional] |
 ### Return type

data/docs/NormalizedProjectRevision.md CHANGED Viewed

@@ -171,6 +171,7 @@
 | **kratos_session_cookie_same_site** | **String** | Configures the Ory Kratos Session Cookie SameSite Attribute  This governs the \&quot;session.cookie.same_site\&quot; setting. | [optional] |
 | **kratos_session_lifespan** | **String** | Configures the Ory Kratos Session Lifespan  This governs the \&quot;session.lifespan\&quot; setting. | [optional] |
 | **kratos_session_whoami_required_aal** | **String** | Configures the Ory Kratos Session Whoami AAL requirement  This governs the \&quot;session.whoami.required_aal\&quot; setting. | [optional] |
+| **kratos_session_whoami_tokenizer_templates** | [**Array&lt;NormalizedProjectRevisionTokenizerTemplate&gt;**](NormalizedProjectRevisionTokenizerTemplate.md) |  | [optional] |
 | **name** | **String** | The project&#39;s name. |  |
 | **production** | **Boolean** | Whether this project is in production mode or not.  In development mode, a low-security profile is used making it easier to develop against your, for example, local environment. | [optional] |
 | **project_id** | **String** | The Revision&#39;s Project ID | [optional] |
@@ -353,6 +354,7 @@ instance = OryClient::NormalizedProjectRevision.new(
   kratos_session_cookie_same_site: null,
   kratos_session_lifespan: null,
   kratos_session_whoami_required_aal: null,
+  kratos_session_whoami_tokenizer_templates: null,
   name: null,
   production: null,
   project_id: null,

data/docs/NormalizedProjectRevisionThirdPartyProvider.md CHANGED Viewed

@@ -15,7 +15,7 @@
 | **id** | **String** |  | [optional] |
 | **issuer_url** | **String** | IssuerURL is the OpenID Connect Server URL. You can leave this empty if &#x60;provider&#x60; is not set to &#x60;generic&#x60;. If set, neither &#x60;auth_url&#x60; nor &#x60;token_url&#x60; are required. | [optional] |
 | **label** | **String** | Label represents an optional label which can be used in the UI generation. | [optional] |
-| **mapper_url** | **String** | Mapper specifies the JSONNet code snippet which uses the OpenID Connect Provider&#39;s data (e.g. GitHub or Google profile information) to hydrate the identity&#39;s data.  It can be either a URL (file://, http(s)://, base64://) or an inline JSONNet code snippet. | [optional] |
+| **mapper_url** | **String** | Mapper specifies the JSONNet code snippet which uses the OpenID Connect Provider&#39;s data (e.g. GitHub or Google profile information) to hydrate the identity&#39;s data. | [optional] |
 | **project_revision_id** | **String** | The Revision&#39;s ID this schema belongs to | [optional] |
 | **provider** | **String** | Provider is either \&quot;generic\&quot; for a generic OAuth 2.0 / OpenID Connect Provider or one of: generic google github gitlab microsoft discord slack facebook vk yandex apple | [optional] |
 | **provider_id** | **String** | ID is the provider&#39;s ID | [optional] |

data/docs/NormalizedProjectRevisionTokenizerTemplate.md ADDED Viewed

@@ -0,0 +1,32 @@
+# OryClient::NormalizedProjectRevisionTokenizerTemplate
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **claims_mapper_url** | **String** | Claims mapper URL | [optional] |
+| **created_at** | **Time** | The Project&#39;s Revision Creation Date | [optional][readonly] |
+| **id** | **String** | The revision ID. | [optional][readonly] |
+| **jwks_url** | **String** | JSON Web Key URL | [optional] |
+| **key** | **String** | The unique key of the template | [optional] |
+| **project_revision_id** | **String** | The Revision&#39;s ID this schema belongs to | [optional] |
+| **ttl** | **String** | Token time to live | [optional][default to &#39;1m&#39;] |
+| **updated_at** | **Time** | Last Time Project&#39;s Revision was Updated | [optional][readonly] |
+## Example
+```ruby
+require 'ory-client'
+instance = OryClient::NormalizedProjectRevisionTokenizerTemplate.new(
+  claims_mapper_url: null,
+  created_at: null,
+  id: null,
+  jwks_url: null,
+  key: null,
+  project_revision_id: null,
+  ttl: 1h,
+  updated_at: null
+)
+```

data/docs/Session.md CHANGED Viewed

@@ -13,6 +13,7 @@
 | **id** | **String** | Session ID |  |
 | **identity** | [**Identity**](Identity.md) |  | [optional] |
 | **issued_at** | **Time** | The Session Issuance Timestamp  When this session was issued at. Usually equal or close to &#x60;authenticated_at&#x60;. | [optional] |
+| **tokenized** | **String** | Tokenized is the tokenized (e.g. JWT) version of the session.  It is only set when the &#x60;tokenize&#x60; query parameter was set to a valid tokenize template during calls to &#x60;/session/whoami&#x60;. | [optional] |
 ## Example
@@ -28,7 +29,8 @@ instance = OryClient::Session.new(
   expires_at: null,
   id: null,
   identity: null,
-  issued_at: null
+  issued_at: null,
+  tokenized: null
 )
 ```

data/lib/ory-client/api/courier_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/frontend_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1
@@ -1532,10 +1532,11 @@ module OryClient
     end
     # Check Who the Current HTTP Session Belongs To
-    # Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  ```js pseudo-code example router.get('/protected-endpoint', async function (req, res) { const session = await client.toSession(undefined, req.header('cookie'))  console.log(session) }) ```  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  ```js pseudo-code example ... const session = await client.toSession(\"the-session-token\")  console.log(session) ```  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the `X-Session-Token` header!  This endpoint authenticates users by checking:  if the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie; if the `Authorization: bearer <ory-session-token>` HTTP header was set with a valid Ory Kratos Session Token; if the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The `error.id` can be one of:  `session_inactive`: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). `session_aal2_required`: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
+    # Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  ```js pseudo-code example router.get('/protected-endpoint', async function (req, res) { const session = await client.toSession(undefined, req.header('cookie'))  console.log(session) }) ```  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  ```js pseudo-code example ... const session = await client.toSession(\"the-session-token\")  console.log(session) ```  When using a token template, the token is included in the `tokenized` field of the session.  ```js pseudo-code example ... const session = await client.toSession(\"the-session-token\", { tokenize_as: \"example-jwt-template\" })  console.log(session.tokenized) // The JWT ```  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the `X-Session-Token` header!  This endpoint authenticates users by checking:  if the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie; if the `Authorization: bearer <ory-session-token>` HTTP header was set with a valid Ory Kratos Session Token; if the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The `error.id` can be one of:  `session_inactive`: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). `session_aal2_required`: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
     # @param [Hash] opts the optional parameters
     # @option opts [String] :x_session_token Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.
     # @option opts [String] :cookie Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;.  It is ok if more than one cookie are included here as all other cookies will be ignored.
+    # @option opts [String] :tokenize_as Returns the session additionally as a token (such as a JWT)  The value of this parameter has to be a valid, configured Ory Session token template. For more information head over to [the documentation](http://ory.sh/docs/identities/session-to-jwt-cors).
     # @return [Session]
     def to_session(opts = {})
       data, _status_code, _headers = to_session_with_http_info(opts)
@@ -1543,10 +1544,11 @@ module OryClient
     end
     # Check Who the Current HTTP Session Belongs To
-    # Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the &#39;X-Kratos-Authenticated-Identity-Id&#39; header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/protected-endpoint&#39;, async function (req, res) { const session &#x3D; await client.toSession(undefined, req.header(&#39;cookie&#39;))  console.log(session) }) &#x60;&#x60;&#x60;  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  &#x60;&#x60;&#x60;js pseudo-code example ... const session &#x3D; await client.toSession(\&quot;the-session-token\&quot;)  console.log(session) &#x60;&#x60;&#x60;  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the &#x60;X-Session-Token&#x60; header!  This endpoint authenticates users by checking:  if the &#x60;Cookie&#x60; HTTP header was set containing an Ory Kratos Session Cookie; if the &#x60;Authorization: bearer &lt;ory-session-token&gt;&#x60; HTTP header was set with a valid Ory Kratos Session Token; if the &#x60;X-Session-Token&#x60; HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The &#x60;error.id&#x60; can be one of:  &#x60;session_inactive&#x60;: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). &#x60;session_aal2_required&#x60;: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
+    # Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the &#39;X-Kratos-Authenticated-Identity-Id&#39; header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  &#x60;&#x60;&#x60;js pseudo-code example router.get(&#39;/protected-endpoint&#39;, async function (req, res) { const session &#x3D; await client.toSession(undefined, req.header(&#39;cookie&#39;))  console.log(session) }) &#x60;&#x60;&#x60;  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  &#x60;&#x60;&#x60;js pseudo-code example ... const session &#x3D; await client.toSession(\&quot;the-session-token\&quot;)  console.log(session) &#x60;&#x60;&#x60;  When using a token template, the token is included in the &#x60;tokenized&#x60; field of the session.  &#x60;&#x60;&#x60;js pseudo-code example ... const session &#x3D; await client.toSession(\&quot;the-session-token\&quot;, { tokenize_as: \&quot;example-jwt-template\&quot; })  console.log(session.tokenized) // The JWT &#x60;&#x60;&#x60;  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the &#x60;X-Session-Token&#x60; header!  This endpoint authenticates users by checking:  if the &#x60;Cookie&#x60; HTTP header was set containing an Ory Kratos Session Cookie; if the &#x60;Authorization: bearer &lt;ory-session-token&gt;&#x60; HTTP header was set with a valid Ory Kratos Session Token; if the &#x60;X-Session-Token&#x60; HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The &#x60;error.id&#x60; can be one of:  &#x60;session_inactive&#x60;: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). &#x60;session_aal2_required&#x60;: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
     # @param [Hash] opts the optional parameters
     # @option opts [String] :x_session_token Set the Session Token when calling from non-browser clients. A session token has a format of &#x60;MP2YWEMeM8MxjkGKpH4dqOQ4Q4DlSPaj&#x60;.
     # @option opts [String] :cookie Set the Cookie Header. This is especially useful when calling this endpoint from a server-side application. In that scenario you must include the HTTP Cookie Header which originally was included in the request to your server. An example of a session in the HTTP Cookie Header is: &#x60;ory_kratos_session&#x3D;a19iOVAbdzdgl70Rq1QZmrKmcjDtdsviCTZx7m9a9yHIUS8Wa9T7hvqyGTsLHi6Qifn2WUfpAKx9DWp0SJGleIn9vh2YF4A16id93kXFTgIgmwIOvbVAScyrx7yVl6bPZnCx27ec4WQDtaTewC1CpgudeDV2jQQnSaCP6ny3xa8qLH-QUgYqdQuoA_LF1phxgRCUfIrCLQOkolX5nv3ze_f&#x3D;&#x3D;&#x60;.  It is ok if more than one cookie are included here as all other cookies will be ignored.
+    # @option opts [String] :tokenize_as Returns the session additionally as a token (such as a JWT)  The value of this parameter has to be a valid, configured Ory Session token template. For more information head over to [the documentation](http://ory.sh/docs/identities/session-to-jwt-cors).
     # @return [Array<(Session, Integer, Hash)>] Session data, response status code and response headers
     def to_session_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -1557,6 +1559,7 @@ module OryClient
       # query parameters
       query_params = opts[:query_params] || {}
+      query_params[:'tokenize_as'] = opts[:'tokenize_as'] if !opts[:'tokenize_as'].nil?
       # header parameters
       header_params = opts[:header_params] || {}

data/lib/ory-client/api/identity_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/jwk_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/metadata_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/o_auth2_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/oidc_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/permission_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/project_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/relationship_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api/wellknown_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api_client.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/api_error.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/configuration.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/accept_o_auth2_consent_request.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/accept_o_auth2_consent_request_session.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/accept_o_auth2_login_request.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/active_project_in_console.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/authenticator_assurance_level.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/batch_patch_identities_response.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/check_opl_syntax_result.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/check_permission_result.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/cloud_account.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/continue_with.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/continue_with_set_ory_session_token.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/continue_with_verification_ui.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/continue_with_verification_ui_flow.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/cors.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/courier_message_status.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/courier_message_type.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/create_custom_domain_body.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/create_identity_body.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/create_invite_response.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/create_json_web_key_set.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/create_project_api_key_request.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/create_project_body.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1

data/lib/ory-client/models/create_project_branding.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #Documentation for all public and administrative Ory APIs. Administrative APIs can only be accessed with a valid Personal Access Token. Public APIs are mostly used in browsers.
-The version of the OpenAPI document: v1.2.6
+The version of the OpenAPI document: v1.2.8
 Contact: support@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1