RubyGems - ory-kratos-client - Versions diffs - 0.13.1 → 1.0.0 - Mend

ory-kratos-client 0.13.1 → 1.0.0

Files changed (497) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c655ebe6f682890870769c0082c281e16c79c35815052a0154c9cdc4211e392d
-  data.tar.gz: f074fa299fcb6d24468c4b29984b950f0bb51c9688f38983bb395016a9d46e3c
+  metadata.gz: 5f0f3a1b50cff7d291c51f29847e5b2633ab2ac12a86512aec293b40e19b441b
+  data.tar.gz: f182d52aba9f8b1d0fb64ba60bbb0037f076a04457982702516f84d66e175047
 SHA512:
-  metadata.gz: 5fad990e1ddc6e1c9d29ba4e5822954219a52d68f2c1347049670b2bf1a87bbf37efff2f8c986e2acb542ce97ffd3068297b3fccbf74ac375de4f9d823c5de57
-  data.tar.gz: d9677409086a54fe817f040e72b681d4d585b46d6cc21d67f4da14be5e77f8d134132e7f4c63d96af19de34bea8f0fa3fc3910d362eb437d31f762cc85694114
+  metadata.gz: 6081d1a98f8eea6011b2997f8772256244d21837d421597891cf87b7a944e68852e38c5b97929fe942f2bdfab6deb901cc50cc797a05733b1ae83daf6c06792e
+  data.tar.gz: ec8a0be3aafa712c659da5cd08ff7c88408caeed5e553ee3c733d24ee3ea96d019dfb04cdbf35ca4ba7488b7955949129df038551b3d97af84d443d871cea01d

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    ory-kratos-client (0.13.1)
+    ory-kratos-client (1.0.0)
       typhoeus (~> 1.0, >= 1.0.1)
 GEM
@@ -14,11 +14,12 @@ GEM
     ethon (0.16.0)
       ffi (>= 1.15.0)
     ffi (1.15.5)
-    jaro_winkler (1.5.4)
+    jaro_winkler (1.5.6)
     method_source (1.0.0)
     parallel (1.23.0)
-    parser (3.2.2.1)
+    parser (3.2.2.3)
       ast (~> 2.4.1)
+      racc
     pry (0.13.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
@@ -27,6 +28,7 @@ GEM
       pry (~> 0.13.0)
     psych (4.0.6)
       stringio
+    racc (1.7.1)
     rainbow (3.1.1)
     rake (13.0.6)
     rspec (3.12.0)
@@ -38,10 +40,10 @@ GEM
     rspec-expectations (3.12.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.5)
+    rspec-mocks (3.12.6)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-support (3.12.0)
+    rspec-support (3.12.1)
     rubocop (0.66.0)
       jaro_winkler (~> 1.5.1)
       parallel (~> 1.10)

data/README.md CHANGED Viewed

@@ -7,8 +7,8 @@ This is the API specification for Ory Identities with features such as registrat
 This SDK is automatically generated by the [OpenAPI Generator](https://openapi-generator.tech) project:
-- API version: v0.13.1
-- Package version: v0.13.1
+- API version: v1.0.0
+- Package version: v1.0.0
 - Build package: org.openapitools.codegen.languages.RubyClientCodegen
 ## Installation
@@ -24,16 +24,16 @@ gem build ory-kratos-client.gemspec
 Then either install the gem locally:
 ```shell
-gem install ./ory-kratos-client-v0.13.1.gem
+gem install ./ory-kratos-client-v1.0.0.gem
 ```
-(for development, run `gem install --dev ./ory-kratos-client-v0.13.1.gem` to install the development dependencies)
+(for development, run `gem install --dev ./ory-kratos-client-v1.0.0.gem` to install the development dependencies)
 or publish the gem to a gem hosting service, e.g. [RubyGems](https://rubygems.org/).
 Finally add this to the Gemfile:
-    gem 'ory-kratos-client', '~> v0.13.1'
+    gem 'ory-kratos-client', '~> v1.0.0'
 ### Install from Git
@@ -99,6 +99,7 @@ Class | Method | HTTP request | Description
 *OryKratosClient::FrontendApi* | [**create_native_verification_flow**](docs/FrontendApi.md#create_native_verification_flow) | **GET** /self-service/verification/api | Create Verification Flow for Native Apps
 *OryKratosClient::FrontendApi* | [**disable_my_other_sessions**](docs/FrontendApi.md#disable_my_other_sessions) | **DELETE** /sessions | Disable my other sessions
 *OryKratosClient::FrontendApi* | [**disable_my_session**](docs/FrontendApi.md#disable_my_session) | **DELETE** /sessions/{id} | Disable one of my sessions
+*OryKratosClient::FrontendApi* | [**exchange_session_token**](docs/FrontendApi.md#exchange_session_token) | **GET** /sessions/token-exchange | Exchange Session Token
 *OryKratosClient::FrontendApi* | [**get_flow_error**](docs/FrontendApi.md#get_flow_error) | **GET** /self-service/errors | Get User-Flow Errors
 *OryKratosClient::FrontendApi* | [**get_login_flow**](docs/FrontendApi.md#get_login_flow) | **GET** /self-service/login/flows | Get Login Flow
 *OryKratosClient::FrontendApi* | [**get_recovery_flow**](docs/FrontendApi.md#get_recovery_flow) | **GET** /self-service/recovery/flows | Get Recovery Flow
@@ -203,6 +204,7 @@ Class | Method | HTTP request | Description
  - [OryKratosClient::SessionDevice](docs/SessionDevice.md)
  - [OryKratosClient::SettingsFlow](docs/SettingsFlow.md)
  - [OryKratosClient::SettingsFlowState](docs/SettingsFlowState.md)
+ - [OryKratosClient::SuccessfulCodeExchangeResponse](docs/SuccessfulCodeExchangeResponse.md)
  - [OryKratosClient::SuccessfulNativeLogin](docs/SuccessfulNativeLogin.md)
  - [OryKratosClient::SuccessfulNativeRegistration](docs/SuccessfulNativeRegistration.md)
  - [OryKratosClient::TokenPagination](docs/TokenPagination.md)

data/docs/FrontendApi.md CHANGED Viewed

@@ -17,6 +17,7 @@ All URIs are relative to *http://localhost*
 | [**create_native_verification_flow**](FrontendApi.md#create_native_verification_flow) | **GET** /self-service/verification/api | Create Verification Flow for Native Apps |
 | [**disable_my_other_sessions**](FrontendApi.md#disable_my_other_sessions) | **DELETE** /sessions | Disable my other sessions |
 | [**disable_my_session**](FrontendApi.md#disable_my_session) | **DELETE** /sessions/{id} | Disable one of my sessions |
+| [**exchange_session_token**](FrontendApi.md#exchange_session_token) | **GET** /sessions/token-exchange | Exchange Session Token |
 | [**get_flow_error**](FrontendApi.md#get_flow_error) | **GET** /self-service/errors | Get User-Flow Errors |
 | [**get_login_flow**](FrontendApi.md#get_login_flow) | **GET** /self-service/login/flows | Get Login Flow |
 | [**get_recovery_flow**](FrontendApi.md#get_recovery_flow) | **GET** /self-service/recovery/flows | Get Recovery Flow |
@@ -125,7 +126,8 @@ require 'ory-kratos-client'
 api_instance = OryKratosClient::FrontendApi.new
 opts = {
-  cookie: 'cookie_example' # String | HTTP Cookies  If you call this endpoint from a backend, please include the original Cookie header in the request.
+  cookie: 'cookie_example', # String | HTTP Cookies  If you call this endpoint from a backend, please include the original Cookie header in the request.
+  return_to: 'return_to_example' # String | Return to URL  The URL to which the browser should be redirected to after the logout has been performed.
 }
 begin
@@ -160,6 +162,7 @@ end
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **cookie** | **String** | HTTP Cookies  If you call this endpoint from a backend, please include the original Cookie header in the request. | [optional] |
+| **return_to** | **String** | Return to URL  The URL to which the browser should be redirected to after the logout has been performed. | [optional] |
 ### Return type
@@ -463,7 +466,9 @@ api_instance = OryKratosClient::FrontendApi.new
 opts = {
   refresh: true, # Boolean | Refresh a login session  If set to true, this will refresh an existing login session by asking the user to sign in again. This will reset the authenticated_at time of the session.
   aal: 'aal_example', # String | Request a Specific AuthenticationMethod Assurance Level  Use this parameter to upgrade an existing session's authenticator assurance level (AAL). This allows you to ask for multi-factor authentication. When an identity sign in using e.g. username+password, the AAL is 1. If you wish to \"upgrade\" the session's security by asking the user to perform TOTP / WebAuth/ ... you would set this to \"aal2\".
-  x_session_token: 'x_session_token_example' # String | The Session Token of the Identity performing the settings flow.
+  x_session_token: 'x_session_token_example', # String | The Session Token of the Identity performing the settings flow.
+  return_session_token_exchange_code: true, # Boolean | EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve the session token after the login flow has been completed.
+  return_to: 'return_to_example' # String | The URL to return the browser to after the flow was completed.
 }
 begin
@@ -500,6 +505,8 @@ end
 | **refresh** | **Boolean** | Refresh a login session  If set to true, this will refresh an existing login session by asking the user to sign in again. This will reset the authenticated_at time of the session. | [optional] |
 | **aal** | **String** | Request a Specific AuthenticationMethod Assurance Level  Use this parameter to upgrade an existing session&#39;s authenticator assurance level (AAL). This allows you to ask for multi-factor authentication. When an identity sign in using e.g. username+password, the AAL is 1. If you wish to \&quot;upgrade\&quot; the session&#39;s security by asking the user to perform TOTP / WebAuth/ ... you would set this to \&quot;aal2\&quot;. | [optional] |
 | **x_session_token** | **String** | The Session Token of the Identity performing the settings flow. | [optional] |
+| **return_session_token_exchange_code** | **Boolean** | EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve the session token after the login flow has been completed. | [optional] |
+| **return_to** | **String** | The URL to return the browser to after the flow was completed. | [optional] |
 ### Return type
@@ -578,7 +585,7 @@ No authorization required
 ## create_native_registration_flow
-> <RegistrationFlow> create_native_registration_flow
+> <RegistrationFlow> create_native_registration_flow(opts)
 Create Registration Flow for Native Apps
@@ -591,10 +598,14 @@ require 'time'
 require 'ory-kratos-client'
 api_instance = OryKratosClient::FrontendApi.new
+opts = {
+  return_session_token_exchange_code: true, # Boolean | EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve the session token after the login flow has been completed.
+  return_to: 'return_to_example' # String | The URL to return the browser to after the flow was completed.
+}
 begin
   # Create Registration Flow for Native Apps
-  result = api_instance.create_native_registration_flow
+  result = api_instance.create_native_registration_flow(opts)
   p result
 rescue OryKratosClient::ApiError => e
   puts "Error when calling FrontendApi->create_native_registration_flow: #{e}"
@@ -605,12 +616,12 @@ end
 This returns an Array which contains the response data, status code and headers.
-> <Array(<RegistrationFlow>, Integer, Hash)> create_native_registration_flow_with_http_info
+> <Array(<RegistrationFlow>, Integer, Hash)> create_native_registration_flow_with_http_info(opts)
 ```ruby
 begin
   # Create Registration Flow for Native Apps
-  data, status_code, headers = api_instance.create_native_registration_flow_with_http_info
+  data, status_code, headers = api_instance.create_native_registration_flow_with_http_info(opts)
   p status_code # => 2xx
   p headers # => { ... }
   p data # => <RegistrationFlow>
@@ -621,7 +632,10 @@ end
 ### Parameters
-This endpoint does not need any parameter.
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **return_session_token_exchange_code** | **Boolean** | EnableSessionTokenExchangeCode requests the login flow to include a code that can be used to retrieve the session token after the login flow has been completed. | [optional] |
+| **return_to** | **String** | The URL to return the browser to after the flow was completed. | [optional] |
 ### Return type
@@ -901,6 +915,70 @@ No authorization required
 - **Accept**: application/json
+## exchange_session_token
+> <SuccessfulNativeLogin> exchange_session_token(init_code, return_to_code)
+Exchange Session Token
+### Examples
+```ruby
+require 'time'
+require 'ory-kratos-client'
+api_instance = OryKratosClient::FrontendApi.new
+init_code = 'init_code_example' # String | The part of the code return when initializing the flow.
+return_to_code = 'return_to_code_example' # String | The part of the code returned by the return_to URL.
+begin
+  # Exchange Session Token
+  result = api_instance.exchange_session_token(init_code, return_to_code)
+  p result
+rescue OryKratosClient::ApiError => e
+  puts "Error when calling FrontendApi->exchange_session_token: #{e}"
+end
+```
+#### Using the exchange_session_token_with_http_info variant
+This returns an Array which contains the response data, status code and headers.
+> <Array(<SuccessfulNativeLogin>, Integer, Hash)> exchange_session_token_with_http_info(init_code, return_to_code)
+```ruby
+begin
+  # Exchange Session Token
+  data, status_code, headers = api_instance.exchange_session_token_with_http_info(init_code, return_to_code)
+  p status_code # => 2xx
+  p headers # => { ... }
+  p data # => <SuccessfulNativeLogin>
+rescue OryKratosClient::ApiError => e
+  puts "Error when calling FrontendApi->exchange_session_token_with_http_info: #{e}"
+end
+```
+### Parameters
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **init_code** | **String** | The part of the code return when initializing the flow. |  |
+| **return_to_code** | **String** | The part of the code returned by the return_to URL. |  |
+### Return type
+[**SuccessfulNativeLogin**](SuccessfulNativeLogin.md)
+### Authorization
+No authorization required
+### HTTP request headers
+- **Content-Type**: Not defined
+- **Accept**: application/json
 ## get_flow_error
 > <FlowError> get_flow_error(id)
@@ -1509,7 +1587,7 @@ No authorization required
 Check Who the Current HTTP Session Belongs To
-Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  ```js pseudo-code example router.get('/protected-endpoint', async function (req, res) { const session = await client.toSession(undefined, req.header('cookie'))  console.log(session) }) ```  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  ```js pseudo-code example ... const session = await client.toSession(\"the-session-token\")  console.log(session) ```  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the `X-Session-Token` header!  This endpoint authenticates users by checking:  if the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie; if the `Authorization: bearer <ory-session-token>` HTTP header was set with a valid Ory Kratos Session Token; if the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cooke or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The `error.id` can be one of:  `session_inactive`: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). `session_aal2_required`: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
+Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated. Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent. When the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.  If you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:  ```js pseudo-code example router.get('/protected-endpoint', async function (req, res) { const session = await client.toSession(undefined, req.header('cookie'))  console.log(session) }) ```  When calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:  ```js pseudo-code example ... const session = await client.toSession(\"the-session-token\")  console.log(session) ```  Depending on your configuration this endpoint might return a 403 status code if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.  This endpoint is useful for:  AJAX calls. Remember to send credentials and set up CORS correctly! Reverse proxies and API Gateways Server-side calls - use the `X-Session-Token` header!  This endpoint authenticates users by checking:  if the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie; if the `Authorization: bearer <ory-session-token>` HTTP header was set with a valid Ory Kratos Session Token; if the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token.  If none of these headers are set or the cookie or token are invalid, the endpoint returns a HTTP 401 status code.  As explained above, this request may fail due to several reasons. The `error.id` can be one of:  `session_inactive`: No active session was found in the request (e.g. no Ory Session Cookie / Ory Session Token). `session_aal2_required`: An active session was found but it does not fulfil the Authenticator Assurance Level, implying that the session must (e.g.) authenticate the second factor.
 ### Examples
@@ -1660,7 +1738,8 @@ require 'ory-kratos-client'
 api_instance = OryKratosClient::FrontendApi.new
 opts = {
   token: 'token_example', # String | A Valid Logout Token  If you do not have a logout token because you only have a session cookie, call `/self-service/logout/browser` to generate a URL for this endpoint.
-  return_to: 'return_to_example' # String | The URL to return to after the logout was completed.
+  return_to: 'return_to_example', # String | The URL to return to after the logout was completed.
+  cookie: 'cookie_example' # String | HTTP Cookies  When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected.
 }
 begin
@@ -1695,6 +1774,7 @@ end
 | ---- | ---- | ----------- | ----- |
 | **token** | **String** | A Valid Logout Token  If you do not have a logout token because you only have a session cookie, call &#x60;/self-service/logout/browser&#x60; to generate a URL for this endpoint. | [optional] |
 | **return_to** | **String** | The URL to return to after the logout was completed. | [optional] |
+| **cookie** | **String** | HTTP Cookies  When using the SDK in a browser app, on the server side you must include the HTTP Cookie Header sent by the client to your server here. This ensures that CSRF and session cookies are respected. | [optional] |
 ### Return type

data/docs/IdentityApi.md CHANGED Viewed

@@ -388,7 +388,7 @@ nil (empty response body)
 ## delete_identity_credentials
-> <Identity> delete_identity_credentials(id, type)
+> delete_identity_credentials(id, type)
 Delete a credential for a specific identity
@@ -413,8 +413,7 @@ type = 'totp' # String | Type is the credential's Type. One of totp, webauthn, l
 begin
   # Delete a credential for a specific identity
-  result = api_instance.delete_identity_credentials(id, type)
-  p result
+  api_instance.delete_identity_credentials(id, type)
 rescue OryKratosClient::ApiError => e
   puts "Error when calling IdentityApi->delete_identity_credentials: #{e}"
 end
@@ -422,9 +421,9 @@ end
 #### Using the delete_identity_credentials_with_http_info variant
-This returns an Array which contains the response data, status code and headers.
+This returns an Array which contains the response data (`nil` in this case), status code and headers.
-> <Array(<Identity>, Integer, Hash)> delete_identity_credentials_with_http_info(id, type)
+> <Array(nil, Integer, Hash)> delete_identity_credentials_with_http_info(id, type)
 ```ruby
 begin
@@ -432,7 +431,7 @@ begin
   data, status_code, headers = api_instance.delete_identity_credentials_with_http_info(id, type)
   p status_code # => 2xx
   p headers # => { ... }
-  p data # => <Identity>
+  p data # => nil
 rescue OryKratosClient::ApiError => e
   puts "Error when calling IdentityApi->delete_identity_credentials_with_http_info: #{e}"
 end
@@ -447,7 +446,7 @@ end
 ### Return type
-[**Identity**](Identity.md)
+nil (empty response body)
 ### Authorization
@@ -694,7 +693,7 @@ end
 api_instance = OryKratosClient::IdentityApi.new
 id = 'id_example' # String | ID must be set to the ID of identity you want to get
 opts = {
-  include_credential: ['inner_example'] # Array<String> | Include Credentials in Response  Currently, only `oidc` is supported. This will return the initial OAuth 2.0 Access, Refresh and (optionally) OpenID Connect ID Token.
+  include_credential: ['password'] # Array<String> | Include Credentials in Response  Include any credential, for example `password` or `oidc`, in the response. When set to `oidc`, This will return the initial OAuth 2.0 Access Token, OAuth 2.0 Refresh Token and the OpenID Connect ID Token if available.
 }
 begin
@@ -729,7 +728,7 @@ end
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **id** | **String** | ID must be set to the ID of identity you want to get |  |
-| **include_credential** | [**Array&lt;String&gt;**](String.md) | Include Credentials in Response  Currently, only &#x60;oidc&#x60; is supported. This will return the initial OAuth 2.0 Access, Refresh and (optionally) OpenID Connect ID Token. | [optional] |
+| **include_credential** | [**Array&lt;String&gt;**](String.md) | Include Credentials in Response  Include any credential, for example &#x60;password&#x60; or &#x60;oidc&#x60;, in the response. When set to &#x60;oidc&#x60;, This will return the initial OAuth 2.0 Access Token, OAuth 2.0 Refresh Token and the OpenID Connect ID Token if available. | [optional] |
 ### Return type

data/docs/LoginFlow.md CHANGED Viewed

@@ -9,12 +9,13 @@
 | **expires_at** | **Time** | ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to log in, a new flow has to be initiated. |  |
 | **id** | **String** | ID represents the flow&#39;s unique ID. When performing the login flow, this represents the id in the login UI&#39;s query parameter: http://&lt;selfservice.flows.login.ui_url&gt;/?flow&#x3D;&lt;flow_id&gt; |  |
 | **issued_at** | **Time** | IssuedAt is the time (UTC) when the flow started. |  |
-| **oauth2_login_challenge** | **String** |  | [optional] |
+| **oauth2_login_challenge** | **String** | Ory OAuth 2.0 Login Challenge.  This value is set using the &#x60;login_challenge&#x60; query parameter of the registration and login endpoints. If set will cooperate with Ory OAuth2 and OpenID to act as an OAuth2 server / OpenID Provider. | [optional] |
 | **oauth2_login_request** | [**OAuth2LoginRequest**](OAuth2LoginRequest.md) |  | [optional] |
 | **refresh** | **Boolean** | Refresh stores whether this login flow should enforce re-authentication. | [optional] |
 | **request_url** | **String** | RequestURL is the initial URL that was requested from Ory Kratos. It can be used to forward information contained in the URL&#39;s path or query for example. |  |
 | **requested_aal** | [**AuthenticatorAssuranceLevel**](AuthenticatorAssuranceLevel.md) |  | [optional] |
 | **return_to** | **String** | ReturnTo contains the requested return_to URL. | [optional] |
+| **session_token_exchange_code** | **String** | SessionTokenExchangeCode holds the secret code that the client can use to retrieve a session token after the login flow has been completed. This is only set if the client has requested a session token exchange code, and if the flow is of type \&quot;api\&quot;, and only on creating the login flow. | [optional] |
 | **type** | **String** | The flow type can either be &#x60;api&#x60; or &#x60;browser&#x60;. |  |
 | **ui** | [**UiContainer**](UiContainer.md) |  |  |
 | **updated_at** | **Time** | UpdatedAt is a helper struct field for gobuffalo.pop. | [optional] |
@@ -36,6 +37,7 @@ instance = OryKratosClient::LoginFlow.new(
   request_url: null,
   requested_aal: null,
   return_to: null,
+  session_token_exchange_code: null,
   type: null,
   ui: null,
   updated_at: null

data/docs/RegistrationFlow.md CHANGED Viewed

@@ -8,10 +8,11 @@
 | **expires_at** | **Time** | ExpiresAt is the time (UTC) when the flow expires. If the user still wishes to log in, a new flow has to be initiated. |  |
 | **id** | **String** | ID represents the flow&#39;s unique ID. When performing the registration flow, this represents the id in the registration ui&#39;s query parameter: http://&lt;selfservice.flows.registration.ui_url&gt;/?flow&#x3D;&lt;id&gt; |  |
 | **issued_at** | **Time** | IssuedAt is the time (UTC) when the flow occurred. |  |
-| **oauth2_login_challenge** | **String** |  | [optional] |
+| **oauth2_login_challenge** | **String** | Ory OAuth 2.0 Login Challenge.  This value is set using the &#x60;login_challenge&#x60; query parameter of the registration and login endpoints. If set will cooperate with Ory OAuth2 and OpenID to act as an OAuth2 server / OpenID Provider. | [optional] |
 | **oauth2_login_request** | [**OAuth2LoginRequest**](OAuth2LoginRequest.md) |  | [optional] |
 | **request_url** | **String** | RequestURL is the initial URL that was requested from Ory Kratos. It can be used to forward information contained in the URL&#39;s path or query for example. |  |
 | **return_to** | **String** | ReturnTo contains the requested return_to URL. | [optional] |
+| **session_token_exchange_code** | **String** | SessionTokenExchangeCode holds the secret code that the client can use to retrieve a session token after the flow has been completed. This is only set if the client has requested a session token exchange code, and if the flow is of type \&quot;api\&quot;, and only on creating the flow. | [optional] |
 | **transient_payload** | **Object** | TransientPayload is used to pass data from the registration to a webhook | [optional] |
 | **type** | **String** | The flow type can either be &#x60;api&#x60; or &#x60;browser&#x60;. |  |
 | **ui** | [**UiContainer**](UiContainer.md) |  |  |
@@ -30,6 +31,7 @@ instance = OryKratosClient::RegistrationFlow.new(
   oauth2_login_request: null,
   request_url: null,
   return_to: null,
+  session_token_exchange_code: null,
   transient_payload: null,
   type: null,
   ui: null

data/docs/SessionAuthenticationMethod.md CHANGED Viewed

@@ -7,6 +7,7 @@
 | **aal** | [**AuthenticatorAssuranceLevel**](AuthenticatorAssuranceLevel.md) |  | [optional] |
 | **completed_at** | **Time** | When the authentication challenge was completed. | [optional] |
 | **method** | **String** |  | [optional] |
+| **provider** | **String** | OIDC or SAML provider id used for authentication | [optional] |
 ## Example
@@ -16,7 +17,8 @@ require 'ory-kratos-client'
 instance = OryKratosClient::SessionAuthenticationMethod.new(
   aal: null,
   completed_at: null,
-  method: null
+  method: null,
+  provider: null
 )
 ```

data/docs/SuccessfulCodeExchangeResponse.md ADDED Viewed

@@ -0,0 +1,20 @@
+# OryKratosClient::SuccessfulCodeExchangeResponse
+## Properties
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **session** | [**Session**](Session.md) |  |  |
+| **session_token** | **String** | The Session Token  A session token is equivalent to a session cookie, but it can be sent in the HTTP Authorization Header:  Authorization: bearer ${session-token}  The session token is only issued for API flows, not for Browser flows! | [optional] |
+## Example
+```ruby
+require 'ory-kratos-client'
+instance = OryKratosClient::SuccessfulCodeExchangeResponse.new(
+  session: null,
+  session_token: null
+)
+```

data/docs/UpdateLoginFlowWithOidcMethod.md CHANGED Viewed

@@ -8,7 +8,7 @@
 | **method** | **String** | Method to use  This field must be set to &#x60;oidc&#x60; when using the oidc method. |  |
 | **provider** | **String** | The provider to register with |  |
 | **traits** | **Object** | The identity traits. This is a placeholder for the registration flow. | [optional] |
-| **upstream_parameters** | **Object** | UpstreamParameters are the parameters that are passed to the upstream identity provider.  These parameters are optional and depend on what the upstream identity provider supports. Supported parameters are: &#x60;login_hint&#x60; (string): The &#x60;login_hint&#x60; parameter suppresses the account chooser and either pre-fills the email box on the sign-in form, or selects the proper session. &#x60;hd&#x60; (string): The &#x60;hd&#x60; parameter limits the login/registration process to a Google Organization, e.g. &#x60;mycollege.edu&#x60;. | [optional] |
+| **upstream_parameters** | **Object** | UpstreamParameters are the parameters that are passed to the upstream identity provider.  These parameters are optional and depend on what the upstream identity provider supports. Supported parameters are: &#x60;login_hint&#x60; (string): The &#x60;login_hint&#x60; parameter suppresses the account chooser and either pre-fills the email box on the sign-in form, or selects the proper session. &#x60;hd&#x60; (string): The &#x60;hd&#x60; parameter limits the login/registration process to a Google Organization, e.g. &#x60;mycollege.edu&#x60;. &#x60;prompt&#x60; (string): The &#x60;prompt&#x60; specifies whether the Authorization Server prompts the End-User for reauthentication and consent, e.g. &#x60;select_account&#x60;. | [optional] |
 ## Example

data/docs/UpdateRegistrationFlowWithOidcMethod.md CHANGED Viewed

@@ -9,7 +9,7 @@
 | **provider** | **String** | The provider to register with |  |
 | **traits** | **Object** | The identity traits | [optional] |
 | **transient_payload** | **Object** | Transient data to pass along to any webhooks | [optional] |
-| **upstream_parameters** | **Object** | UpstreamParameters are the parameters that are passed to the upstream identity provider.  These parameters are optional and depend on what the upstream identity provider supports. Supported parameters are: &#x60;login_hint&#x60; (string): The &#x60;login_hint&#x60; parameter suppresses the account chooser and either pre-fills the email box on the sign-in form, or selects the proper session. &#x60;hd&#x60; (string): The &#x60;hd&#x60; parameter limits the login/registration process to a Google Organization, e.g. &#x60;mycollege.edu&#x60;. | [optional] |
+| **upstream_parameters** | **Object** | UpstreamParameters are the parameters that are passed to the upstream identity provider.  These parameters are optional and depend on what the upstream identity provider supports. Supported parameters are: &#x60;login_hint&#x60; (string): The &#x60;login_hint&#x60; parameter suppresses the account chooser and either pre-fills the email box on the sign-in form, or selects the proper session. &#x60;hd&#x60; (string): The &#x60;hd&#x60; parameter limits the login/registration process to a Google Organization, e.g. &#x60;mycollege.edu&#x60;. &#x60;prompt&#x60; (string): The &#x60;prompt&#x60; specifies whether the Authorization Server prompts the End-User for reauthentication and consent, e.g. &#x60;select_account&#x60;. | [optional] |
 ## Example

data/docs/UpdateSettingsFlowWithOidcMethod.md CHANGED Viewed

@@ -9,7 +9,7 @@
 | **method** | **String** | Method  Should be set to profile when trying to update a profile. |  |
 | **traits** | **Object** | The identity&#39;s traits  in: body | [optional] |
 | **unlink** | **String** | Unlink this provider  Either this or &#x60;link&#x60; must be set.  type: string in: body | [optional] |
-| **upstream_parameters** | **Object** | UpstreamParameters are the parameters that are passed to the upstream identity provider.  These parameters are optional and depend on what the upstream identity provider supports. Supported parameters are: &#x60;login_hint&#x60; (string): The &#x60;login_hint&#x60; parameter suppresses the account chooser and either pre-fills the email box on the sign-in form, or selects the proper session. &#x60;hd&#x60; (string): The &#x60;hd&#x60; parameter limits the login/registration process to a Google Organization, e.g. &#x60;mycollege.edu&#x60;. | [optional] |
+| **upstream_parameters** | **Object** | UpstreamParameters are the parameters that are passed to the upstream identity provider.  These parameters are optional and depend on what the upstream identity provider supports. Supported parameters are: &#x60;login_hint&#x60; (string): The &#x60;login_hint&#x60; parameter suppresses the account chooser and either pre-fills the email box on the sign-in form, or selects the proper session. &#x60;hd&#x60; (string): The &#x60;hd&#x60; parameter limits the login/registration process to a Google Organization, e.g. &#x60;mycollege.edu&#x60;. &#x60;prompt&#x60; (string): The &#x60;prompt&#x60; specifies whether the Authorization Server prompts the End-User for reauthentication and consent, e.g. &#x60;select_account&#x60;. | [optional] |
 ## Example

data/docs/UpdateVerificationFlowWithLinkMethod.md CHANGED Viewed

@@ -6,7 +6,7 @@
 | ---- | ---- | ----------- | ----- |
 | **csrf_token** | **String** | Sending the anti-csrf token is only required for browser login flows. | [optional] |
 | **email** | **String** | Email to Verify  Needs to be set when initiating the flow. If the email is a registered verification email, a verification link will be sent. If the email is not known, a email with details on what happened will be sent instead.  format: email |  |
-| **method** | **String** | Method is the method that should be used for this verification flow  Allowed values are &#x60;link&#x60; and &#x60;code&#x60; |  |
+| **method** | **String** | Method is the method that should be used for this verification flow  Allowed values are &#x60;link&#x60; and &#x60;code&#x60; link VerificationStrategyLink code VerificationStrategyCode |  |
 ## Example

data/lib/ory-kratos-client/api/courier_api.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 #This is the API specification for Ory Identities with features such as registration, login, recovery, account verification, profile settings, password reset, identity management, session management, email and sms delivery, and more.
-The version of the OpenAPI document: v0.13.1
+The version of the OpenAPI document: v1.0.0
 Contact: office@ory.sh
 Generated by: https://openapi-generator.tech
 OpenAPI Generator version: 6.0.1