stytch 9.3.0 → 9.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d26559911b9b0677b360db5707cc19a0faead0a0420bd7ec7612766184dde63b
4
- data.tar.gz: 37ed33c882f14ef4cb40e925f9dc62362a7674621a7ed032a5afca2a753cd503
3
+ metadata.gz: df153778bac5f00a6388121f7a71b60099fd5c2c6c3c1fbd547454ca569afda3
4
+ data.tar.gz: 225ed1bc1c7887a2fd4859d0df99c1de2b598e563c0f44888fbdf25e73e37e3e
5
5
  SHA512:
6
- metadata.gz: c751854693f03128c410031c7647982a0702d8971ebb2df47a5c542b25df668faa4309587dbd00d5c415166dc5aebb5db26fbf7b350eff6f4129be9bd3fc38cd
7
- data.tar.gz: 82ac37c5f69e67fe207a06fa61809844b0a9084e0ec73d4820f3f4e8896e74ab0010750663aa910e564dc2cb7135faa1dbd8d492ba94e3b8fad069bcfbab4931
6
+ metadata.gz: 50bb2c8ea28cbb275435f5c6f56e67d8cdec4edea9b3b6d9b23c3a2d57611d8fbccfddda9b33af2e8787988930d8e357ba0edef81f40023b6ac47610802a9523
7
+ data.tar.gz: 734cc8a61f6ee0fc5bd1b455aef026550ea1fac9fe2a7e11bf70fecf3a669013e083ee0413428fa8c4f1b6016edfe2cfe0dab4e73fc60aeded366e9f54923a85
@@ -263,6 +263,17 @@ module StytchB2B
263
263
  # The list's accepted values are: `sms_otp` and `totp`.
264
264
  #
265
265
  # The type of this field is nilable list of +String+.
266
+ # oauth_tenant_jit_provisioning::
267
+ # The authentication setting that controls how a new Member can JIT provision into an organization by tenant. The accepted values are:
268
+ #
269
+ # `RESTRICTED` – only new Members with tenants in `allowed_oauth_tenants` can JIT provision via tenant.
270
+ #
271
+ # `NOT_ALLOWED` – disable JIT provisioning by OAuth Tenant.
272
+ #
273
+ # The type of this field is nilable +String+.
274
+ # allowed_oauth_tenants::
275
+ # A map of allowed OAuth tenants. If this field is not passed in, the Organization will not allow JIT provisioning by OAuth Tenant. Allowed keys are "slack" and "hubspot".
276
+ # The type of this field is nilable +object+.
266
277
  #
267
278
  # == Returns:
268
279
  # An object with the following fields:
@@ -319,7 +330,9 @@ module StytchB2B
319
330
  mfa_policy: nil,
320
331
  rbac_email_implicit_role_assignments: nil,
321
332
  mfa_methods: nil,
322
- allowed_mfa_methods: nil
333
+ allowed_mfa_methods: nil,
334
+ oauth_tenant_jit_provisioning: nil,
335
+ allowed_oauth_tenants: nil
323
336
  )
324
337
  headers = {}
325
338
  request = {
@@ -341,6 +354,8 @@ module StytchB2B
341
354
  request[:rbac_email_implicit_role_assignments] = rbac_email_implicit_role_assignments unless rbac_email_implicit_role_assignments.nil?
342
355
  request[:mfa_methods] = mfa_methods unless mfa_methods.nil?
343
356
  request[:allowed_mfa_methods] = allowed_mfa_methods unless allowed_mfa_methods.nil?
357
+ request[:oauth_tenant_jit_provisioning] = oauth_tenant_jit_provisioning unless oauth_tenant_jit_provisioning.nil?
358
+ request[:allowed_oauth_tenants] = allowed_oauth_tenants unless allowed_oauth_tenants.nil?
344
359
 
345
360
  post_request('/v1/b2b/discovery/organizations/create', request, headers)
346
361
  end
@@ -150,6 +150,17 @@ module StytchB2B
150
150
  # The list's accepted values are: `sms_otp` and `totp`.
151
151
  #
152
152
  # The type of this field is nilable list of +String+.
153
+ # oauth_tenant_jit_provisioning::
154
+ # The authentication setting that controls how a new Member can JIT provision into an organization by tenant. The accepted values are:
155
+ #
156
+ # `RESTRICTED` – only new Members with tenants in `allowed_oauth_tenants` can JIT provision via tenant.
157
+ #
158
+ # `NOT_ALLOWED` – disable JIT provisioning by OAuth Tenant.
159
+ #
160
+ # The type of this field is nilable +String+.
161
+ # allowed_oauth_tenants::
162
+ # A map of allowed OAuth tenants. If this field is not passed in, the Organization will not allow JIT provisioning by OAuth Tenant. Allowed keys are "slack" and "hubspot".
163
+ # The type of this field is nilable +object+.
153
164
  #
154
165
  # == Returns:
155
166
  # An object with the following fields:
@@ -176,7 +187,9 @@ module StytchB2B
176
187
  mfa_policy: nil,
177
188
  rbac_email_implicit_role_assignments: nil,
178
189
  mfa_methods: nil,
179
- allowed_mfa_methods: nil
190
+ allowed_mfa_methods: nil,
191
+ oauth_tenant_jit_provisioning: nil,
192
+ allowed_oauth_tenants: nil
180
193
  )
181
194
  headers = {}
182
195
  request = {
@@ -195,6 +208,8 @@ module StytchB2B
195
208
  request[:rbac_email_implicit_role_assignments] = rbac_email_implicit_role_assignments unless rbac_email_implicit_role_assignments.nil?
196
209
  request[:mfa_methods] = mfa_methods unless mfa_methods.nil?
197
210
  request[:allowed_mfa_methods] = allowed_mfa_methods unless allowed_mfa_methods.nil?
211
+ request[:oauth_tenant_jit_provisioning] = oauth_tenant_jit_provisioning unless oauth_tenant_jit_provisioning.nil?
212
+ request[:allowed_oauth_tenants] = allowed_oauth_tenants unless allowed_oauth_tenants.nil?
198
213
 
199
214
  post_request('/v1/b2b/organizations', request, headers)
200
215
  end
@@ -359,6 +374,21 @@ module StytchB2B
359
374
  #
360
375
  # If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.allowed-mfa-methods` action on the `stytch.organization` Resource.
361
376
  # The type of this field is nilable list of +String+.
377
+ # oauth_tenant_jit_provisioning::
378
+ # The authentication setting that controls how a new Member can JIT provision into an organization by tenant. The accepted values are:
379
+ #
380
+ # `RESTRICTED` – only new Members with tenants in `allowed_oauth_tenants` can JIT provision via tenant.
381
+ #
382
+ # `NOT_ALLOWED` – disable JIT provisioning by OAuth Tenant.
383
+ #
384
+ #
385
+ # If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.oauth-tenant-jit-provisioning` action on the `stytch.organization` Resource.
386
+ # The type of this field is nilable +String+.
387
+ # allowed_oauth_tenants::
388
+ # A map of allowed OAuth tenants. If this field is not passed in, the Organization will not allow JIT provisioning by OAuth Tenant. Allowed keys are "slack" and "hubspot".
389
+ #
390
+ # If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.allowed-oauth-tenants` action on the `stytch.organization` Resource.
391
+ # The type of this field is nilable +object+.
362
392
  #
363
393
  # == Returns:
364
394
  # An object with the following fields:
@@ -392,6 +422,8 @@ module StytchB2B
392
422
  rbac_email_implicit_role_assignments: nil,
393
423
  mfa_methods: nil,
394
424
  allowed_mfa_methods: nil,
425
+ oauth_tenant_jit_provisioning: nil,
426
+ allowed_oauth_tenants: nil,
395
427
  method_options: nil
396
428
  )
397
429
  headers = {}
@@ -413,6 +445,8 @@ module StytchB2B
413
445
  request[:rbac_email_implicit_role_assignments] = rbac_email_implicit_role_assignments unless rbac_email_implicit_role_assignments.nil?
414
446
  request[:mfa_methods] = mfa_methods unless mfa_methods.nil?
415
447
  request[:allowed_mfa_methods] = allowed_mfa_methods unless allowed_mfa_methods.nil?
448
+ request[:oauth_tenant_jit_provisioning] = oauth_tenant_jit_provisioning unless oauth_tenant_jit_provisioning.nil?
449
+ request[:allowed_oauth_tenants] = allowed_oauth_tenants unless allowed_oauth_tenants.nil?
416
450
 
417
451
  put_request("/v1/b2b/organizations/#{organization_id}", request, headers)
418
452
  end
@@ -1108,7 +1142,7 @@ module StytchB2B
1108
1142
  # Member's primary email address and the old primary email address is retired.
1109
1143
  #
1110
1144
  # A retired email address cannot be used by other Members in the same Organization. However, unlinking retired email
1111
- # addresses allows then to be subsequently re-used by other Organization Members. Retired email addresses can be viewed
1145
+ # addresses allows them to be subsequently re-used by other Organization Members. Retired email addresses can be viewed
1112
1146
  # on the [Member object](https://stytch.com/docs/b2b/api/member-object).
1113
1147
  # %}
1114
1148
  #
@@ -194,7 +194,7 @@ module StytchB2B
194
194
  # (no documentation yet)
195
195
  # The type of this field is nilable +UpdateRequestIdentityProvider+ (string enum).
196
196
  # scim_group_implicit_role_assignments::
197
- # (no documentation yet)
197
+ # An array of SCIM group implicit role assignments. Each object in the array must contain a `group_id` and a `role_id`.
198
198
  # The type of this field is nilable list of +SCIMGroupImplicitRoleAssignments+.
199
199
  #
200
200
  # == Returns:
@@ -460,7 +460,7 @@ module StytchB2B
460
460
  post_request("/v1/b2b/scim/#{organization_id}/connection", request, headers)
461
461
  end
462
462
 
463
- # Get SCIM Connections.
463
+ # Get SCIM Connection.
464
464
  #
465
465
  # == Parameters:
466
466
  # organization_id::
@@ -16,7 +16,12 @@ module Stytch
16
16
  @connection = connection
17
17
  end
18
18
 
19
- # Initiate the authentication of a crypto wallet. After calling this endpoint, the user will need to sign a message containing only the returned `challenge` field.
19
+ # Initiate the authentication of a crypto wallet. After calling this endpoint, the user will need to sign a message containing the returned `challenge` field.
20
+ #
21
+ # For Ethereum crypto wallets, you can optionally use the Sign In With Ethereum (SIWE) protocol for the message by passing in the `siwe_params`. The only required fields are `domain` and `uri`.
22
+ # If the crypto wallet detects that the domain in the message does not match the website's domain, it will display a warning to the user.
23
+ #
24
+ # If not using the SIWE protocol, the message will simply consist of the project name and a random string.
20
25
  #
21
26
  # == Parameters:
22
27
  # crypto_wallet_type::
@@ -34,6 +39,9 @@ module Stytch
34
39
  # session_jwt::
35
40
  # The `session_jwt` associated with a User's existing Session.
36
41
  # The type of this field is nilable +String+.
42
+ # siwe_params::
43
+ # The parameters for a Sign In With Ethereum (SIWE) message. May only be passed if the `crypto_wallet_type` is `ethereum`.
44
+ # The type of this field is nilable +SIWEParams+ (+object+).
37
45
  #
38
46
  # == Returns:
39
47
  # An object with the following fields:
@@ -57,7 +65,8 @@ module Stytch
57
65
  crypto_wallet_address:,
58
66
  user_id: nil,
59
67
  session_token: nil,
60
- session_jwt: nil
68
+ session_jwt: nil,
69
+ siwe_params: nil
61
70
  )
62
71
  headers = {}
63
72
  request = {
@@ -67,6 +76,7 @@ module Stytch
67
76
  request[:user_id] = user_id unless user_id.nil?
68
77
  request[:session_token] = session_token unless session_token.nil?
69
78
  request[:session_jwt] = session_jwt unless session_jwt.nil?
79
+ request[:siwe_params] = siwe_params unless siwe_params.nil?
70
80
 
71
81
  post_request('/v1/crypto_wallets/authenticate/start', request, headers)
72
82
  end
@@ -132,6 +142,9 @@ module Stytch
132
142
  # See [GET sessions](https://stytch.com/docs/api/session-get) for complete response fields.
133
143
  #
134
144
  # The type of this field is nilable +Session+ (+object+).
145
+ # siwe_params::
146
+ # The parameters of the Sign In With Ethereum (SIWE) message that was signed.
147
+ # The type of this field is nilable +SIWEParamsResponse+ (+object+).
135
148
  def authenticate(
136
149
  crypto_wallet_type:,
137
150
  crypto_wallet_address:,
@@ -156,6 +156,70 @@ module Stytch
156
156
  post_request('/v1/sessions/revoke', request, headers)
157
157
  end
158
158
 
159
+ # Migrate a session from an external OIDC compliant endpoint. Stytch will call the external UserInfo endpoint defined in your Stytch Project settings in the [Dashboard](/dashboard), and then perform a lookup using the `session_token`. If the response contains a valid email address, Stytch will attempt to match that email address with an existing User and create a Stytch Session. You will need to create the user before using this endpoint.
160
+ #
161
+ # == Parameters:
162
+ # session_token::
163
+ # The `session_token` associated with a User's existing Session.
164
+ # The type of this field is +String+.
165
+ # session_duration_minutes::
166
+ # Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't already exist,
167
+ # returning both an opaque `session_token` and `session_jwt` for this session. Remember that the `session_jwt` will have a fixed lifetime of
168
+ # five minutes regardless of the underlying session duration, and will need to be refreshed over time.
169
+ #
170
+ # This value must be a minimum of 5 and a maximum of 527040 minutes (366 days).
171
+ #
172
+ # If a `session_token` or `session_jwt` is provided then a successful authentication will continue to extend the session this many minutes.
173
+ #
174
+ # If the `session_duration_minutes` parameter is not specified, a Stytch session will not be created.
175
+ # The type of this field is nilable +Integer+.
176
+ # session_custom_claims::
177
+ # Add a custom claims map to the Session being authenticated. Claims are only created if a Session is initialized by providing a value in `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a key in an existing Session, supply a new value. To delete a key, supply a null value.
178
+ #
179
+ # Custom claims made with reserved claims ("iss", "sub", "aud", "exp", "nbf", "iat", "jti") will be ignored. Total custom claims size cannot exceed four kilobytes.
180
+ # The type of this field is nilable +object+.
181
+ #
182
+ # == Returns:
183
+ # An object with the following fields:
184
+ # request_id::
185
+ # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
186
+ # The type of this field is +String+.
187
+ # user_id::
188
+ # The unique ID of the affected User.
189
+ # The type of this field is +String+.
190
+ # session_token::
191
+ # A secret token for a given Stytch Session.
192
+ # The type of this field is +String+.
193
+ # session_jwt::
194
+ # The JSON Web Token (JWT) for a given Stytch Session.
195
+ # The type of this field is +String+.
196
+ # user::
197
+ # The `user` object affected by this API call. See the [Get user endpoint](https://stytch.com/docs/api/get-user) for complete response field details.
198
+ # The type of this field is +User+ (+object+).
199
+ # status_code::
200
+ # (no documentation yet)
201
+ # The type of this field is +Integer+.
202
+ # session::
203
+ # If you initiate a Session, by including `session_duration_minutes` in your authenticate call, you'll receive a full Session object in the response.
204
+ #
205
+ # See [GET sessions](https://stytch.com/docs/api/session-get) for complete response fields.
206
+ #
207
+ # The type of this field is nilable +Session+ (+object+).
208
+ def migrate(
209
+ session_token:,
210
+ session_duration_minutes: nil,
211
+ session_custom_claims: nil
212
+ )
213
+ headers = {}
214
+ request = {
215
+ session_token: session_token
216
+ }
217
+ request[:session_duration_minutes] = session_duration_minutes unless session_duration_minutes.nil?
218
+ request[:session_custom_claims] = session_custom_claims unless session_custom_claims.nil?
219
+
220
+ post_request('/v1/sessions/migrate', request, headers)
221
+ end
222
+
159
223
  # Get the JSON Web Key Set (JWKS) for a project.
160
224
  #
161
225
  # JWKS are rotated every ~6 months. Upon rotation, new JWTs will be signed using the new key set, and both key sets will be returned by this endpoint for a period of 1 month.
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Stytch
4
- VERSION = '9.3.0'
4
+ VERSION = '9.5.0'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: stytch
3
3
  version: !ruby/object:Gem::Version
4
- version: 9.3.0
4
+ version: 9.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - stytch
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-07-26 00:00:00.000000000 Z
11
+ date: 2024-08-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: faraday