@dfns/sdk 0.8.21 → 0.8.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/generated/agreements/types.d.ts +9 -0
- package/generated/allocations/types.d.ts +409 -24
- package/generated/auth/client.d.ts +3 -0
- package/generated/auth/client.js +36 -0
- package/generated/auth/delegatedClient.d.ts +5 -0
- package/generated/auth/delegatedClient.js +66 -0
- package/generated/auth/types.d.ts +996 -39
- package/generated/exchanges/types.d.ts +1 -1
- package/generated/feeSponsors/types.d.ts +6 -6
- package/generated/keys/types.d.ts +60 -60
- package/generated/networks/types.d.ts +38 -2
- package/generated/payouts/types.d.ts +8 -8
- package/generated/permissions/types.d.ts +2 -2
- package/generated/policies/types.d.ts +822 -162
- package/generated/signers/types.d.ts +14 -4
- package/generated/staking/types.d.ts +451 -5
- package/generated/swaps/types.d.ts +641 -43
- package/generated/wallets/types.d.ts +509 -110
- package/package.json +1 -1
|
@@ -1,132 +1,217 @@
|
|
|
1
1
|
export type ActivateCredentialBody = {
|
|
2
|
+
/** UUID of the credential to activate. */
|
|
2
3
|
credentialUuid: string;
|
|
3
4
|
};
|
|
4
5
|
export type ActivateCredentialResponse = {
|
|
6
|
+
/** Human-readable success message. */
|
|
5
7
|
message: string;
|
|
6
8
|
};
|
|
7
9
|
export type ActivateCredentialRequest = {
|
|
8
10
|
body: ActivateCredentialBody;
|
|
9
11
|
};
|
|
10
12
|
export type ActivatePersonalAccessTokenParams = {
|
|
13
|
+
/** Token id. */
|
|
11
14
|
tokenId: string;
|
|
12
15
|
};
|
|
13
16
|
export type ActivatePersonalAccessTokenResponse = {
|
|
17
|
+
/** The access token. Only returned at creation time. */
|
|
14
18
|
accessToken?: string | undefined;
|
|
15
19
|
dateCreated: string;
|
|
20
|
+
/** ID of the credential associated with the access token. */
|
|
16
21
|
credId: string;
|
|
22
|
+
/** Whether the access token is active. */
|
|
17
23
|
isActive: boolean;
|
|
18
24
|
/** Access token kind. */
|
|
19
25
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
26
|
+
/** User id. */
|
|
20
27
|
linkedUserId: string;
|
|
28
|
+
/** ID of the application the access token is linked to. */
|
|
21
29
|
linkedAppId: string;
|
|
30
|
+
/** Human-readable name of the access token. */
|
|
22
31
|
name: string;
|
|
32
|
+
/** Organization id. */
|
|
23
33
|
orgId: string;
|
|
34
|
+
/** Permissions (roles) assigned to the access token. */
|
|
24
35
|
permissionAssignments: {
|
|
36
|
+
/** Human-readable name of the permission (role). */
|
|
25
37
|
permissionName: string;
|
|
38
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
26
39
|
permissionId: string;
|
|
40
|
+
/** ID of the permission assignment. */
|
|
27
41
|
assignmentId: string;
|
|
42
|
+
/** List of API operations granted by this permission. */
|
|
28
43
|
operations?: string[] | undefined;
|
|
29
44
|
}[];
|
|
45
|
+
/** Public key associated with the access token. */
|
|
30
46
|
publicKey: string;
|
|
47
|
+
/** Token id. */
|
|
31
48
|
tokenId: string;
|
|
32
49
|
};
|
|
33
50
|
export type ActivatePersonalAccessTokenRequest = ActivatePersonalAccessTokenParams;
|
|
34
51
|
export type ActivateServiceAccountParams = {
|
|
52
|
+
/** ID of the service account. */
|
|
35
53
|
serviceAccountId: string;
|
|
36
54
|
};
|
|
37
55
|
export type ActivateServiceAccountResponse = {
|
|
38
56
|
userInfo: {
|
|
57
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
39
58
|
username: string;
|
|
59
|
+
/** Display name of the user. */
|
|
40
60
|
name: string;
|
|
41
61
|
/** User id. */
|
|
42
62
|
userId: string;
|
|
43
63
|
/** User kind. */
|
|
44
|
-
kind: "DfnsStaff" | "
|
|
64
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
65
|
+
/** UUID of the user's primary credential. */
|
|
45
66
|
credentialUuid: string;
|
|
46
|
-
|
|
67
|
+
/** Organization id. */
|
|
68
|
+
orgId?: string | undefined;
|
|
69
|
+
/** Tenant id. */
|
|
70
|
+
tenantId?: string | undefined;
|
|
71
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
47
72
|
permissions?: string[] | undefined;
|
|
73
|
+
/** Whether the user is active. */
|
|
48
74
|
isActive: boolean;
|
|
75
|
+
/** Whether the user is a service account. */
|
|
49
76
|
isServiceAccount: boolean;
|
|
77
|
+
/** Whether the user has completed registration. */
|
|
50
78
|
isRegistered: boolean;
|
|
79
|
+
/** Permissions (roles) assigned to the user. */
|
|
51
80
|
permissionAssignments: {
|
|
81
|
+
/** Human-readable name of the permission (role). */
|
|
52
82
|
permissionName: string;
|
|
83
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
53
84
|
permissionId: string;
|
|
85
|
+
/** ID of the permission assignment. */
|
|
54
86
|
assignmentId: string;
|
|
87
|
+
/** List of API operations granted by this permission. */
|
|
55
88
|
operations?: string[] | undefined;
|
|
56
89
|
}[];
|
|
57
90
|
};
|
|
58
91
|
accessTokens: {
|
|
92
|
+
/** The access token. Only returned at creation time. */
|
|
59
93
|
accessToken?: string | undefined;
|
|
60
94
|
dateCreated: string;
|
|
95
|
+
/** ID of the credential associated with the access token. */
|
|
61
96
|
credId: string;
|
|
97
|
+
/** Whether the access token is active. */
|
|
62
98
|
isActive: boolean;
|
|
63
99
|
/** Access token kind. */
|
|
64
100
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
101
|
+
/** User id. */
|
|
65
102
|
linkedUserId: string;
|
|
103
|
+
/** ID of the application the access token is linked to. */
|
|
66
104
|
linkedAppId: string;
|
|
105
|
+
/** Human-readable name of the access token. */
|
|
67
106
|
name: string;
|
|
107
|
+
/** Organization id. */
|
|
68
108
|
orgId: string;
|
|
109
|
+
/** Permissions (roles) assigned to the access token. */
|
|
69
110
|
permissionAssignments: {
|
|
111
|
+
/** Human-readable name of the permission (role). */
|
|
70
112
|
permissionName: string;
|
|
113
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
71
114
|
permissionId: string;
|
|
115
|
+
/** ID of the permission assignment. */
|
|
72
116
|
assignmentId: string;
|
|
117
|
+
/** List of API operations granted by this permission. */
|
|
73
118
|
operations?: string[] | undefined;
|
|
74
119
|
}[];
|
|
120
|
+
/** Public key associated with the access token. */
|
|
75
121
|
publicKey: string;
|
|
122
|
+
/** Token id. */
|
|
76
123
|
tokenId: string;
|
|
77
124
|
}[];
|
|
78
125
|
};
|
|
79
126
|
export type ActivateServiceAccountRequest = ActivateServiceAccountParams;
|
|
80
127
|
export type ActivateUserParams = {
|
|
128
|
+
/** User id. */
|
|
81
129
|
userId: string;
|
|
82
130
|
};
|
|
83
131
|
export type ActivateUserResponse = {
|
|
132
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
84
133
|
username: string;
|
|
134
|
+
/** Display name of the user. */
|
|
85
135
|
name: string;
|
|
86
136
|
/** User id. */
|
|
87
137
|
userId: string;
|
|
88
138
|
/** User kind. */
|
|
89
|
-
kind: "DfnsStaff" | "
|
|
139
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
140
|
+
/** UUID of the user's primary credential. */
|
|
90
141
|
credentialUuid: string;
|
|
91
|
-
|
|
142
|
+
/** Organization id. */
|
|
143
|
+
orgId?: string | undefined;
|
|
144
|
+
/** Tenant id. */
|
|
145
|
+
tenantId?: string | undefined;
|
|
146
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
92
147
|
permissions?: string[] | undefined;
|
|
148
|
+
/** Whether the user is active. */
|
|
93
149
|
isActive: boolean;
|
|
150
|
+
/** Whether the user is a service account. */
|
|
94
151
|
isServiceAccount: boolean;
|
|
152
|
+
/** Whether the user has completed registration. */
|
|
95
153
|
isRegistered: boolean;
|
|
154
|
+
/** Whether the user must authenticate via SSO. */
|
|
96
155
|
isSSORequired: boolean;
|
|
156
|
+
/** Permissions (roles) assigned to the user. */
|
|
97
157
|
permissionAssignments: {
|
|
158
|
+
/** Human-readable name of the permission (role). */
|
|
98
159
|
permissionName: string;
|
|
160
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
99
161
|
permissionId: string;
|
|
162
|
+
/** ID of the permission assignment. */
|
|
100
163
|
assignmentId: string;
|
|
164
|
+
/** List of API operations granted by this permission. */
|
|
101
165
|
operations?: string[] | undefined;
|
|
102
166
|
}[];
|
|
103
167
|
};
|
|
104
168
|
export type ActivateUserRequest = ActivateUserParams;
|
|
169
|
+
export type ArchiveCredentialParams = {
|
|
170
|
+
credentialUuid: string;
|
|
171
|
+
};
|
|
172
|
+
export type ArchiveCredentialResponse = {};
|
|
173
|
+
export type ArchiveCredentialRequest = ArchiveCredentialParams;
|
|
105
174
|
export type ArchivePersonalAccessTokenParams = {
|
|
175
|
+
/** Token id. */
|
|
106
176
|
tokenId: string;
|
|
107
177
|
};
|
|
108
178
|
export type ArchivePersonalAccessTokenResponse = {
|
|
179
|
+
/** The access token. Only returned at creation time. */
|
|
109
180
|
accessToken?: string | undefined;
|
|
110
181
|
dateCreated: string;
|
|
182
|
+
/** ID of the credential associated with the access token. */
|
|
111
183
|
credId: string;
|
|
184
|
+
/** Whether the access token is active. */
|
|
112
185
|
isActive: boolean;
|
|
113
186
|
/** Access token kind. */
|
|
114
187
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
188
|
+
/** User id. */
|
|
115
189
|
linkedUserId: string;
|
|
190
|
+
/** ID of the application the access token is linked to. */
|
|
116
191
|
linkedAppId: string;
|
|
192
|
+
/** Human-readable name of the access token. */
|
|
117
193
|
name: string;
|
|
194
|
+
/** Organization id. */
|
|
118
195
|
orgId: string;
|
|
196
|
+
/** Permissions (roles) assigned to the access token. */
|
|
119
197
|
permissionAssignments: {
|
|
198
|
+
/** Human-readable name of the permission (role). */
|
|
120
199
|
permissionName: string;
|
|
200
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
121
201
|
permissionId: string;
|
|
202
|
+
/** ID of the permission assignment. */
|
|
122
203
|
assignmentId: string;
|
|
204
|
+
/** List of API operations granted by this permission. */
|
|
123
205
|
operations?: string[] | undefined;
|
|
124
206
|
}[];
|
|
207
|
+
/** Public key associated with the access token. */
|
|
125
208
|
publicKey: string;
|
|
209
|
+
/** Token id. */
|
|
126
210
|
tokenId: string;
|
|
127
211
|
};
|
|
128
212
|
export type ArchivePersonalAccessTokenRequest = ArchivePersonalAccessTokenParams;
|
|
129
213
|
export type ArchiveServiceAccountParams = {
|
|
214
|
+
/** ID of the service account. */
|
|
130
215
|
serviceAccountId: string;
|
|
131
216
|
};
|
|
132
217
|
export type ArchiveServiceAccountQuery = {
|
|
@@ -135,43 +220,72 @@ export type ArchiveServiceAccountQuery = {
|
|
|
135
220
|
};
|
|
136
221
|
export type ArchiveServiceAccountResponse = {
|
|
137
222
|
userInfo: {
|
|
223
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
138
224
|
username: string;
|
|
225
|
+
/** Display name of the user. */
|
|
139
226
|
name: string;
|
|
140
227
|
/** User id. */
|
|
141
228
|
userId: string;
|
|
142
229
|
/** User kind. */
|
|
143
|
-
kind: "DfnsStaff" | "
|
|
230
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
231
|
+
/** UUID of the user's primary credential. */
|
|
144
232
|
credentialUuid: string;
|
|
145
|
-
|
|
233
|
+
/** Organization id. */
|
|
234
|
+
orgId?: string | undefined;
|
|
235
|
+
/** Tenant id. */
|
|
236
|
+
tenantId?: string | undefined;
|
|
237
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
146
238
|
permissions?: string[] | undefined;
|
|
239
|
+
/** Whether the user is active. */
|
|
147
240
|
isActive: boolean;
|
|
241
|
+
/** Whether the user is a service account. */
|
|
148
242
|
isServiceAccount: boolean;
|
|
243
|
+
/** Whether the user has completed registration. */
|
|
149
244
|
isRegistered: boolean;
|
|
245
|
+
/** Permissions (roles) assigned to the user. */
|
|
150
246
|
permissionAssignments: {
|
|
247
|
+
/** Human-readable name of the permission (role). */
|
|
151
248
|
permissionName: string;
|
|
249
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
152
250
|
permissionId: string;
|
|
251
|
+
/** ID of the permission assignment. */
|
|
153
252
|
assignmentId: string;
|
|
253
|
+
/** List of API operations granted by this permission. */
|
|
154
254
|
operations?: string[] | undefined;
|
|
155
255
|
}[];
|
|
156
256
|
};
|
|
157
257
|
accessTokens: {
|
|
258
|
+
/** The access token. Only returned at creation time. */
|
|
158
259
|
accessToken?: string | undefined;
|
|
159
260
|
dateCreated: string;
|
|
261
|
+
/** ID of the credential associated with the access token. */
|
|
160
262
|
credId: string;
|
|
263
|
+
/** Whether the access token is active. */
|
|
161
264
|
isActive: boolean;
|
|
162
265
|
/** Access token kind. */
|
|
163
266
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
267
|
+
/** User id. */
|
|
164
268
|
linkedUserId: string;
|
|
269
|
+
/** ID of the application the access token is linked to. */
|
|
165
270
|
linkedAppId: string;
|
|
271
|
+
/** Human-readable name of the access token. */
|
|
166
272
|
name: string;
|
|
273
|
+
/** Organization id. */
|
|
167
274
|
orgId: string;
|
|
275
|
+
/** Permissions (roles) assigned to the access token. */
|
|
168
276
|
permissionAssignments: {
|
|
277
|
+
/** Human-readable name of the permission (role). */
|
|
169
278
|
permissionName: string;
|
|
279
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
170
280
|
permissionId: string;
|
|
281
|
+
/** ID of the permission assignment. */
|
|
171
282
|
assignmentId: string;
|
|
283
|
+
/** List of API operations granted by this permission. */
|
|
172
284
|
operations?: string[] | undefined;
|
|
173
285
|
}[];
|
|
286
|
+
/** Public key associated with the access token. */
|
|
174
287
|
publicKey: string;
|
|
288
|
+
/** Token id. */
|
|
175
289
|
tokenId: string;
|
|
176
290
|
}[];
|
|
177
291
|
};
|
|
@@ -179,26 +293,43 @@ export type ArchiveServiceAccountRequest = ArchiveServiceAccountParams & {
|
|
|
179
293
|
query?: ArchiveServiceAccountQuery;
|
|
180
294
|
};
|
|
181
295
|
export type ArchiveUserParams = {
|
|
296
|
+
/** User id. */
|
|
182
297
|
userId: string;
|
|
183
298
|
};
|
|
184
299
|
export type ArchiveUserResponse = {
|
|
300
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
185
301
|
username: string;
|
|
302
|
+
/** Display name of the user. */
|
|
186
303
|
name: string;
|
|
187
304
|
/** User id. */
|
|
188
305
|
userId: string;
|
|
189
306
|
/** User kind. */
|
|
190
|
-
kind: "DfnsStaff" | "
|
|
307
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
308
|
+
/** UUID of the user's primary credential. */
|
|
191
309
|
credentialUuid: string;
|
|
192
|
-
|
|
310
|
+
/** Organization id. */
|
|
311
|
+
orgId?: string | undefined;
|
|
312
|
+
/** Tenant id. */
|
|
313
|
+
tenantId?: string | undefined;
|
|
314
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
193
315
|
permissions?: string[] | undefined;
|
|
316
|
+
/** Whether the user is active. */
|
|
194
317
|
isActive: boolean;
|
|
318
|
+
/** Whether the user is a service account. */
|
|
195
319
|
isServiceAccount: boolean;
|
|
320
|
+
/** Whether the user has completed registration. */
|
|
196
321
|
isRegistered: boolean;
|
|
322
|
+
/** Whether the user must authenticate via SSO. */
|
|
197
323
|
isSSORequired: boolean;
|
|
324
|
+
/** Permissions (roles) assigned to the user. */
|
|
198
325
|
permissionAssignments: {
|
|
326
|
+
/** Human-readable name of the permission (role). */
|
|
199
327
|
permissionName: string;
|
|
328
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
200
329
|
permissionId: string;
|
|
330
|
+
/** ID of the permission assignment. */
|
|
201
331
|
assignmentId: string;
|
|
332
|
+
/** List of API operations granted by this permission. */
|
|
202
333
|
operations?: string[] | undefined;
|
|
203
334
|
}[];
|
|
204
335
|
};
|
|
@@ -206,65 +337,100 @@ export type ArchiveUserRequest = ArchiveUserParams;
|
|
|
206
337
|
export type CreateCredentialBody = {
|
|
207
338
|
credentialKind: "Fido2";
|
|
208
339
|
credentialInfo: {
|
|
340
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
209
341
|
credId: string;
|
|
342
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
210
343
|
clientData: string;
|
|
344
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
211
345
|
attestationData: string;
|
|
212
346
|
};
|
|
347
|
+
/** Human-readable name of the credential. */
|
|
213
348
|
credentialName: string;
|
|
349
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
214
350
|
challengeIdentifier: string;
|
|
215
351
|
} | {
|
|
216
352
|
credentialKind: "Key";
|
|
217
353
|
credentialInfo: {
|
|
354
|
+
/** Base64url-encoded id of the credential. */
|
|
218
355
|
credId: string;
|
|
356
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
219
357
|
clientData: string;
|
|
358
|
+
/** Base64url-encoded public key. */
|
|
220
359
|
attestationData: string;
|
|
221
360
|
};
|
|
361
|
+
/** Human-readable name of the credential. */
|
|
222
362
|
credentialName: string;
|
|
363
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
223
364
|
challengeIdentifier: string;
|
|
224
365
|
} | {
|
|
225
366
|
credentialKind: "PasswordProtectedKey";
|
|
226
367
|
credentialInfo: {
|
|
368
|
+
/** Base64url-encoded id of the credential. */
|
|
227
369
|
credId: string;
|
|
370
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
228
371
|
clientData: string;
|
|
372
|
+
/** Base64url-encoded public key. */
|
|
229
373
|
attestationData: string;
|
|
230
374
|
};
|
|
375
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
231
376
|
encryptedPrivateKey: string;
|
|
377
|
+
/** Human-readable name of the credential. */
|
|
232
378
|
credentialName: string;
|
|
379
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
233
380
|
challengeIdentifier: string;
|
|
234
381
|
} | {
|
|
235
382
|
credentialKind: "RecoveryKey";
|
|
236
383
|
credentialInfo: {
|
|
384
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
237
385
|
credId: string;
|
|
386
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
238
387
|
clientData: string;
|
|
388
|
+
/** Base64url-encoded public key. */
|
|
239
389
|
attestationData: string;
|
|
240
390
|
};
|
|
391
|
+
/** User-encrypted private key for the recovery credential. */
|
|
241
392
|
encryptedPrivateKey?: string | undefined;
|
|
393
|
+
/** Human-readable name of the credential. */
|
|
242
394
|
credentialName: string;
|
|
395
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
243
396
|
challengeIdentifier: string;
|
|
244
397
|
} | {
|
|
245
398
|
credentialKind: "Password";
|
|
246
399
|
credentialInfo: {
|
|
400
|
+
/** User password. */
|
|
247
401
|
password: string;
|
|
248
402
|
};
|
|
403
|
+
/** Human-readable name of the credential. */
|
|
249
404
|
credentialName: string;
|
|
405
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
250
406
|
challengeIdentifier: string;
|
|
251
407
|
} | {
|
|
252
408
|
credentialKind: "Totp";
|
|
253
409
|
credentialInfo: {
|
|
410
|
+
/** TOTP one-time code. */
|
|
254
411
|
otpCode: string;
|
|
255
412
|
};
|
|
413
|
+
/** Human-readable name of the credential. */
|
|
256
414
|
credentialName: string;
|
|
415
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
257
416
|
challengeIdentifier: string;
|
|
258
417
|
};
|
|
259
418
|
export type CreateCredentialResponse = {
|
|
260
419
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
420
|
+
/** Credential ID from the WebAuthn authenticator (base64url). */
|
|
261
421
|
credentialId: string;
|
|
422
|
+
/** Dfns-internal UUID of the credential. */
|
|
262
423
|
credentialUuid: string;
|
|
263
424
|
dateCreated: string;
|
|
425
|
+
/** Whether the credential is active. */
|
|
264
426
|
isActive: boolean;
|
|
427
|
+
/** Human-readable name of the credential. */
|
|
265
428
|
name: string;
|
|
429
|
+
/** Public key of the credential. */
|
|
266
430
|
publicKey: string;
|
|
431
|
+
/** Relying party identifier associated with the credential. */
|
|
267
432
|
relyingPartyId: string;
|
|
433
|
+
/** Origin where the credential was created. */
|
|
268
434
|
origin: string;
|
|
269
435
|
};
|
|
270
436
|
export type CreateCredentialRequest = {
|
|
@@ -276,14 +442,21 @@ export type CreateCredentialChallengeBody = {
|
|
|
276
442
|
export type CreateCredentialChallengeResponse = {
|
|
277
443
|
kind: "Fido2";
|
|
278
444
|
user: {
|
|
445
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
279
446
|
id: string;
|
|
447
|
+
/** Display name of the user. */
|
|
280
448
|
displayName: string;
|
|
449
|
+
/** Username of the user. */
|
|
281
450
|
name: string;
|
|
282
451
|
};
|
|
452
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
283
453
|
challengeIdentifier: string;
|
|
454
|
+
/** Challenge value to be signed by the credential. */
|
|
284
455
|
challenge: string;
|
|
285
456
|
rp?: {
|
|
457
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
286
458
|
id: string;
|
|
459
|
+
/** Human-readable name of the relying party. */
|
|
287
460
|
name: string;
|
|
288
461
|
} | undefined;
|
|
289
462
|
authenticatorSelection: {
|
|
@@ -319,14 +492,21 @@ export type CreateCredentialChallengeResponse = {
|
|
|
319
492
|
} | {
|
|
320
493
|
kind: "Key";
|
|
321
494
|
user: {
|
|
495
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
322
496
|
id: string;
|
|
497
|
+
/** Display name of the user. */
|
|
323
498
|
displayName: string;
|
|
499
|
+
/** Username of the user. */
|
|
324
500
|
name: string;
|
|
325
501
|
};
|
|
502
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
326
503
|
challengeIdentifier: string;
|
|
504
|
+
/** Challenge value to be signed by the credential. */
|
|
327
505
|
challenge: string;
|
|
328
506
|
rp?: {
|
|
507
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
329
508
|
id: string;
|
|
509
|
+
/** Human-readable name of the relying party. */
|
|
330
510
|
name: string;
|
|
331
511
|
} | undefined;
|
|
332
512
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -345,14 +525,21 @@ export type CreateCredentialChallengeResponse = {
|
|
|
345
525
|
} | {
|
|
346
526
|
kind: "PasswordProtectedKey";
|
|
347
527
|
user: {
|
|
528
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
348
529
|
id: string;
|
|
530
|
+
/** Display name of the user. */
|
|
349
531
|
displayName: string;
|
|
532
|
+
/** Username of the user. */
|
|
350
533
|
name: string;
|
|
351
534
|
};
|
|
535
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
352
536
|
challengeIdentifier: string;
|
|
537
|
+
/** Challenge value to be signed by the credential. */
|
|
353
538
|
challenge: string;
|
|
354
539
|
rp?: {
|
|
540
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
355
541
|
id: string;
|
|
542
|
+
/** Human-readable name of the relying party. */
|
|
356
543
|
name: string;
|
|
357
544
|
} | undefined;
|
|
358
545
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -371,14 +558,21 @@ export type CreateCredentialChallengeResponse = {
|
|
|
371
558
|
} | {
|
|
372
559
|
kind: "RecoveryKey";
|
|
373
560
|
user: {
|
|
561
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
374
562
|
id: string;
|
|
563
|
+
/** Display name of the user. */
|
|
375
564
|
displayName: string;
|
|
565
|
+
/** Username of the user. */
|
|
376
566
|
name: string;
|
|
377
567
|
};
|
|
568
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
378
569
|
challengeIdentifier: string;
|
|
570
|
+
/** Challenge value to be signed by the credential. */
|
|
379
571
|
challenge: string;
|
|
380
572
|
rp?: {
|
|
573
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
381
574
|
id: string;
|
|
575
|
+
/** Human-readable name of the relying party. */
|
|
382
576
|
name: string;
|
|
383
577
|
} | undefined;
|
|
384
578
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -397,13 +591,19 @@ export type CreateCredentialChallengeResponse = {
|
|
|
397
591
|
} | {
|
|
398
592
|
kind: "Password";
|
|
399
593
|
user: {
|
|
594
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
400
595
|
id: string;
|
|
596
|
+
/** Display name of the user. */
|
|
401
597
|
displayName: string;
|
|
598
|
+
/** Username of the user. */
|
|
402
599
|
name: string;
|
|
403
600
|
};
|
|
601
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
404
602
|
challengeIdentifier: string;
|
|
405
603
|
rp?: {
|
|
604
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
406
605
|
id: string;
|
|
606
|
+
/** Human-readable name of the relying party. */
|
|
407
607
|
name: string;
|
|
408
608
|
} | undefined;
|
|
409
609
|
/** @deprecated use challengeIdentifier instead */
|
|
@@ -411,15 +611,22 @@ export type CreateCredentialChallengeResponse = {
|
|
|
411
611
|
} | {
|
|
412
612
|
kind: "Totp";
|
|
413
613
|
user: {
|
|
614
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
414
615
|
id: string;
|
|
616
|
+
/** Display name of the user. */
|
|
415
617
|
displayName: string;
|
|
618
|
+
/** Username of the user. */
|
|
416
619
|
name: string;
|
|
417
620
|
};
|
|
621
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
418
622
|
challengeIdentifier: string;
|
|
419
623
|
rp?: {
|
|
624
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
420
625
|
id: string;
|
|
626
|
+
/** Human-readable name of the relying party. */
|
|
421
627
|
name: string;
|
|
422
628
|
} | undefined;
|
|
629
|
+
/** Provisioning URL for the TOTP authenticator. */
|
|
423
630
|
otpUrl: string;
|
|
424
631
|
/** @deprecated use challengeIdentifier instead */
|
|
425
632
|
temporaryAuthenticationToken: string;
|
|
@@ -429,19 +636,27 @@ export type CreateCredentialChallengeRequest = {
|
|
|
429
636
|
};
|
|
430
637
|
export type CreateCredentialChallengeWithCodeBody = {
|
|
431
638
|
credentialKind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
639
|
+
/** One-time code obtained from the create credential code endpoint. */
|
|
432
640
|
code: string;
|
|
433
641
|
};
|
|
434
642
|
export type CreateCredentialChallengeWithCodeResponse = {
|
|
435
643
|
kind: "Fido2";
|
|
436
644
|
user: {
|
|
645
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
437
646
|
id: string;
|
|
647
|
+
/** Display name of the user. */
|
|
438
648
|
displayName: string;
|
|
649
|
+
/** Username of the user. */
|
|
439
650
|
name: string;
|
|
440
651
|
};
|
|
652
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
441
653
|
challengeIdentifier: string;
|
|
654
|
+
/** Challenge value to be signed by the credential. */
|
|
442
655
|
challenge: string;
|
|
443
656
|
rp?: {
|
|
657
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
444
658
|
id: string;
|
|
659
|
+
/** Human-readable name of the relying party. */
|
|
445
660
|
name: string;
|
|
446
661
|
} | undefined;
|
|
447
662
|
authenticatorSelection: {
|
|
@@ -477,14 +692,21 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
477
692
|
} | {
|
|
478
693
|
kind: "Key";
|
|
479
694
|
user: {
|
|
695
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
480
696
|
id: string;
|
|
697
|
+
/** Display name of the user. */
|
|
481
698
|
displayName: string;
|
|
699
|
+
/** Username of the user. */
|
|
482
700
|
name: string;
|
|
483
701
|
};
|
|
702
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
484
703
|
challengeIdentifier: string;
|
|
704
|
+
/** Challenge value to be signed by the credential. */
|
|
485
705
|
challenge: string;
|
|
486
706
|
rp?: {
|
|
707
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
487
708
|
id: string;
|
|
709
|
+
/** Human-readable name of the relying party. */
|
|
488
710
|
name: string;
|
|
489
711
|
} | undefined;
|
|
490
712
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -503,14 +725,21 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
503
725
|
} | {
|
|
504
726
|
kind: "PasswordProtectedKey";
|
|
505
727
|
user: {
|
|
728
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
506
729
|
id: string;
|
|
730
|
+
/** Display name of the user. */
|
|
507
731
|
displayName: string;
|
|
732
|
+
/** Username of the user. */
|
|
508
733
|
name: string;
|
|
509
734
|
};
|
|
735
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
510
736
|
challengeIdentifier: string;
|
|
737
|
+
/** Challenge value to be signed by the credential. */
|
|
511
738
|
challenge: string;
|
|
512
739
|
rp?: {
|
|
740
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
513
741
|
id: string;
|
|
742
|
+
/** Human-readable name of the relying party. */
|
|
514
743
|
name: string;
|
|
515
744
|
} | undefined;
|
|
516
745
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -529,14 +758,21 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
529
758
|
} | {
|
|
530
759
|
kind: "RecoveryKey";
|
|
531
760
|
user: {
|
|
761
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
532
762
|
id: string;
|
|
763
|
+
/** Display name of the user. */
|
|
533
764
|
displayName: string;
|
|
765
|
+
/** Username of the user. */
|
|
534
766
|
name: string;
|
|
535
767
|
};
|
|
768
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
536
769
|
challengeIdentifier: string;
|
|
770
|
+
/** Challenge value to be signed by the credential. */
|
|
537
771
|
challenge: string;
|
|
538
772
|
rp?: {
|
|
773
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
539
774
|
id: string;
|
|
775
|
+
/** Human-readable name of the relying party. */
|
|
540
776
|
name: string;
|
|
541
777
|
} | undefined;
|
|
542
778
|
/** Identifies the information needed to verify the user's signing certificate; can be one of the following:
|
|
@@ -555,13 +791,19 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
555
791
|
} | {
|
|
556
792
|
kind: "Password";
|
|
557
793
|
user: {
|
|
794
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
558
795
|
id: string;
|
|
796
|
+
/** Display name of the user. */
|
|
559
797
|
displayName: string;
|
|
798
|
+
/** Username of the user. */
|
|
560
799
|
name: string;
|
|
561
800
|
};
|
|
801
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
562
802
|
challengeIdentifier: string;
|
|
563
803
|
rp?: {
|
|
804
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
564
805
|
id: string;
|
|
806
|
+
/** Human-readable name of the relying party. */
|
|
565
807
|
name: string;
|
|
566
808
|
} | undefined;
|
|
567
809
|
/** @deprecated use challengeIdentifier instead */
|
|
@@ -569,15 +811,22 @@ export type CreateCredentialChallengeWithCodeResponse = {
|
|
|
569
811
|
} | {
|
|
570
812
|
kind: "Totp";
|
|
571
813
|
user: {
|
|
814
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
572
815
|
id: string;
|
|
816
|
+
/** Display name of the user. */
|
|
573
817
|
displayName: string;
|
|
818
|
+
/** Username of the user. */
|
|
574
819
|
name: string;
|
|
575
820
|
};
|
|
821
|
+
/** Challenge identifier to be used in the subsequent create credential request. */
|
|
576
822
|
challengeIdentifier: string;
|
|
577
823
|
rp?: {
|
|
824
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
578
825
|
id: string;
|
|
826
|
+
/** Human-readable name of the relying party. */
|
|
579
827
|
name: string;
|
|
580
828
|
} | undefined;
|
|
829
|
+
/** Provisioning URL for the TOTP authenticator. */
|
|
581
830
|
otpUrl: string;
|
|
582
831
|
/** @deprecated use challengeIdentifier instead */
|
|
583
832
|
temporaryAuthenticationToken: string;
|
|
@@ -590,7 +839,9 @@ export type CreateCredentialCodeBody = {
|
|
|
590
839
|
expiration: string | number;
|
|
591
840
|
};
|
|
592
841
|
export type CreateCredentialCodeResponse = {
|
|
842
|
+
/** One-time code that can be used to create a new credential. */
|
|
593
843
|
code: string;
|
|
844
|
+
/** Code expiration, as an ISO-8601 datetime string or a unix timestamp. */
|
|
594
845
|
expiration: string;
|
|
595
846
|
};
|
|
596
847
|
export type CreateCredentialCodeRequest = {
|
|
@@ -599,88 +850,136 @@ export type CreateCredentialCodeRequest = {
|
|
|
599
850
|
export type CreateCredentialWithCodeBody = {
|
|
600
851
|
credentialKind: "Fido2";
|
|
601
852
|
credentialInfo: {
|
|
853
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
602
854
|
credId: string;
|
|
855
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
603
856
|
clientData: string;
|
|
857
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
604
858
|
attestationData: string;
|
|
605
859
|
};
|
|
860
|
+
/** Human-readable name of the credential. */
|
|
606
861
|
credentialName: string;
|
|
862
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
607
863
|
challengeIdentifier: string;
|
|
608
864
|
} | {
|
|
609
865
|
credentialKind: "Key";
|
|
610
866
|
credentialInfo: {
|
|
867
|
+
/** Base64url-encoded id of the credential. */
|
|
611
868
|
credId: string;
|
|
869
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
612
870
|
clientData: string;
|
|
871
|
+
/** Base64url-encoded public key. */
|
|
613
872
|
attestationData: string;
|
|
614
873
|
};
|
|
874
|
+
/** Human-readable name of the credential. */
|
|
615
875
|
credentialName: string;
|
|
876
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
616
877
|
challengeIdentifier: string;
|
|
617
878
|
} | {
|
|
618
879
|
credentialKind: "PasswordProtectedKey";
|
|
619
880
|
credentialInfo: {
|
|
881
|
+
/** Base64url-encoded id of the credential. */
|
|
620
882
|
credId: string;
|
|
883
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
621
884
|
clientData: string;
|
|
885
|
+
/** Base64url-encoded public key. */
|
|
622
886
|
attestationData: string;
|
|
623
887
|
};
|
|
888
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
624
889
|
encryptedPrivateKey: string;
|
|
890
|
+
/** Human-readable name of the credential. */
|
|
625
891
|
credentialName: string;
|
|
892
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
626
893
|
challengeIdentifier: string;
|
|
627
894
|
} | {
|
|
628
895
|
credentialKind: "RecoveryKey";
|
|
629
896
|
credentialInfo: {
|
|
897
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
630
898
|
credId: string;
|
|
899
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
631
900
|
clientData: string;
|
|
901
|
+
/** Base64url-encoded public key. */
|
|
632
902
|
attestationData: string;
|
|
633
903
|
};
|
|
904
|
+
/** User-encrypted private key for the recovery credential. */
|
|
634
905
|
encryptedPrivateKey?: string | undefined;
|
|
906
|
+
/** Human-readable name of the credential. */
|
|
635
907
|
credentialName: string;
|
|
908
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
636
909
|
challengeIdentifier: string;
|
|
637
910
|
} | {
|
|
638
911
|
credentialKind: "Password";
|
|
639
912
|
credentialInfo: {
|
|
913
|
+
/** User password. */
|
|
640
914
|
password: string;
|
|
641
915
|
};
|
|
916
|
+
/** Human-readable name of the credential. */
|
|
642
917
|
credentialName: string;
|
|
918
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
643
919
|
challengeIdentifier: string;
|
|
644
920
|
} | {
|
|
645
921
|
credentialKind: "Totp";
|
|
646
922
|
credentialInfo: {
|
|
923
|
+
/** TOTP one-time code. */
|
|
647
924
|
otpCode: string;
|
|
648
925
|
};
|
|
926
|
+
/** Human-readable name of the credential. */
|
|
649
927
|
credentialName: string;
|
|
928
|
+
/** Challenge identifier returned by the create credential challenge endpoint. */
|
|
650
929
|
challengeIdentifier: string;
|
|
651
930
|
};
|
|
652
931
|
export type CreateCredentialWithCodeResponse = {
|
|
653
932
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
933
|
+
/** Credential ID from the WebAuthn authenticator (base64url). */
|
|
654
934
|
credentialId: string;
|
|
935
|
+
/** Dfns-internal UUID of the credential. */
|
|
655
936
|
credentialUuid: string;
|
|
656
937
|
dateCreated: string;
|
|
938
|
+
/** Whether the credential is active. */
|
|
657
939
|
isActive: boolean;
|
|
940
|
+
/** Human-readable name of the credential. */
|
|
658
941
|
name: string;
|
|
942
|
+
/** Public key of the credential. */
|
|
659
943
|
publicKey: string;
|
|
944
|
+
/** Relying party identifier associated with the credential. */
|
|
660
945
|
relyingPartyId: string;
|
|
946
|
+
/** Origin where the credential was created. */
|
|
661
947
|
origin: string;
|
|
662
948
|
};
|
|
663
949
|
export type CreateCredentialWithCodeRequest = {
|
|
664
950
|
body: CreateCredentialWithCodeBody;
|
|
665
951
|
};
|
|
666
952
|
export type CreateDelegatedRecoveryChallengeBody = {
|
|
953
|
+
/** Username/identifier of the user to recover. */
|
|
667
954
|
username: string;
|
|
955
|
+
/** Identifier of the recovery credential to use. */
|
|
668
956
|
credentialId: string;
|
|
669
957
|
};
|
|
670
958
|
export type CreateDelegatedRecoveryChallengeResponse = {
|
|
671
959
|
user: {
|
|
960
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
672
961
|
id: string;
|
|
962
|
+
/** Display name of the user. */
|
|
673
963
|
displayName: string;
|
|
964
|
+
/** Username of the user. */
|
|
674
965
|
name: string;
|
|
675
966
|
};
|
|
967
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
676
968
|
temporaryAuthenticationToken: string;
|
|
969
|
+
/** Challenge to be signed by the credential being registered. */
|
|
677
970
|
challenge: string;
|
|
971
|
+
/** Deprecated. Should not be used. */
|
|
678
972
|
rp?: {
|
|
973
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
679
974
|
id: string;
|
|
975
|
+
/** Human-readable name of the relying party. */
|
|
680
976
|
name: string;
|
|
681
977
|
} | undefined;
|
|
978
|
+
/** Credential kinds that can be used to register the user. */
|
|
682
979
|
supportedCredentialKinds: {
|
|
980
|
+
/** Credential kinds accepted as first factor. */
|
|
683
981
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
982
|
+
/** Credential kinds accepted as second factor. */
|
|
684
983
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
685
984
|
};
|
|
686
985
|
authenticatorSelection: {
|
|
@@ -701,19 +1000,24 @@ export type CreateDelegatedRecoveryChallengeResponse = {
|
|
|
701
1000
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
702
1001
|
*/
|
|
703
1002
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1003
|
+
/** Public key credential parameters supported for the registration. */
|
|
704
1004
|
pubKeyCredParams: {
|
|
705
1005
|
type: "public-key";
|
|
706
1006
|
alg: number;
|
|
707
1007
|
}[];
|
|
1008
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
708
1009
|
excludeCredentials: {
|
|
709
1010
|
/** Is always `public-key`. */
|
|
710
1011
|
type: "public-key";
|
|
711
1012
|
/** ID that identifies the credential. */
|
|
712
1013
|
id: string;
|
|
713
1014
|
}[];
|
|
1015
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
714
1016
|
otpUrl: string;
|
|
715
1017
|
allowedRecoveryCredentials: {
|
|
1018
|
+
/** Identifier of the recovery credential. */
|
|
716
1019
|
id: string;
|
|
1020
|
+
/** Encrypted recovery key associated with this credential. */
|
|
717
1021
|
encryptedRecoveryKey: string;
|
|
718
1022
|
}[];
|
|
719
1023
|
};
|
|
@@ -721,24 +1025,38 @@ export type CreateDelegatedRecoveryChallengeRequest = {
|
|
|
721
1025
|
body: CreateDelegatedRecoveryChallengeBody;
|
|
722
1026
|
};
|
|
723
1027
|
export type CreateDelegatedRegistrationChallengeBody = {
|
|
1028
|
+
/** Username/identifier (any unique string accepted, e.g. your internal user ID or email). */
|
|
724
1029
|
email: string;
|
|
1030
|
+
/** Must be `EndUser`. */
|
|
725
1031
|
kind: "EndUser";
|
|
1032
|
+
/** Optional external identifier for the user, used for cross-referencing with your own systems. */
|
|
726
1033
|
externalId?: string | undefined;
|
|
727
1034
|
};
|
|
728
1035
|
export type CreateDelegatedRegistrationChallengeResponse = {
|
|
729
1036
|
user: {
|
|
1037
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
730
1038
|
id: string;
|
|
1039
|
+
/** Display name of the user. */
|
|
731
1040
|
displayName: string;
|
|
1041
|
+
/** Username of the user. */
|
|
732
1042
|
name: string;
|
|
733
1043
|
};
|
|
1044
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
734
1045
|
temporaryAuthenticationToken: string;
|
|
1046
|
+
/** Challenge to be signed by the credential being registered. */
|
|
735
1047
|
challenge: string;
|
|
1048
|
+
/** Deprecated. Should not be used. */
|
|
736
1049
|
rp?: {
|
|
1050
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
737
1051
|
id: string;
|
|
1052
|
+
/** Human-readable name of the relying party. */
|
|
738
1053
|
name: string;
|
|
739
1054
|
} | undefined;
|
|
1055
|
+
/** Credential kinds that can be used to register the user. */
|
|
740
1056
|
supportedCredentialKinds: {
|
|
1057
|
+
/** Credential kinds accepted as first factor. */
|
|
741
1058
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1059
|
+
/** Credential kinds accepted as second factor. */
|
|
742
1060
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
743
1061
|
};
|
|
744
1062
|
authenticatorSelection: {
|
|
@@ -759,24 +1077,32 @@ export type CreateDelegatedRegistrationChallengeResponse = {
|
|
|
759
1077
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
760
1078
|
*/
|
|
761
1079
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1080
|
+
/** Public key credential parameters supported for the registration. */
|
|
762
1081
|
pubKeyCredParams: {
|
|
763
1082
|
type: "public-key";
|
|
764
1083
|
alg: number;
|
|
765
1084
|
}[];
|
|
1085
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
766
1086
|
excludeCredentials: {
|
|
767
1087
|
/** Is always `public-key`. */
|
|
768
1088
|
type: "public-key";
|
|
769
1089
|
/** ID that identifies the credential. */
|
|
770
1090
|
id: string;
|
|
771
1091
|
}[];
|
|
1092
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
772
1093
|
otpUrl: string;
|
|
773
1094
|
};
|
|
774
1095
|
export type CreateDelegatedRegistrationChallengeRequest = {
|
|
775
1096
|
body: CreateDelegatedRegistrationChallengeBody;
|
|
776
1097
|
};
|
|
777
1098
|
export type CreateLoginChallengeBody = {
|
|
1099
|
+
/** Username/identifier of the user. Optional when the user has at least one discoverable WebAuthn credential. */
|
|
778
1100
|
username?: string | undefined;
|
|
779
|
-
|
|
1101
|
+
/** Organization id. */
|
|
1102
|
+
orgId?: string | undefined;
|
|
1103
|
+
/** Tenant id. */
|
|
1104
|
+
tenantId?: string | undefined;
|
|
1105
|
+
/** One-time login code, required when the user has a credential of kind `PasswordProtectedKey`. */
|
|
780
1106
|
loginCode?: string | undefined;
|
|
781
1107
|
};
|
|
782
1108
|
export type CreateLoginChallengeResponse = {
|
|
@@ -786,7 +1112,9 @@ export type CreateLoginChallengeResponse = {
|
|
|
786
1112
|
challengeIdentifier: string;
|
|
787
1113
|
/** Deprecated. Should not be used. */
|
|
788
1114
|
rp?: {
|
|
1115
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
789
1116
|
id: string;
|
|
1117
|
+
/** Human-readable name of the relying party. */
|
|
790
1118
|
name: string;
|
|
791
1119
|
} | undefined;
|
|
792
1120
|
/** Identifies the kind of credentials that can be used to sign the user action. */
|
|
@@ -844,29 +1172,48 @@ export type CreateLoginChallengeRequest = {
|
|
|
844
1172
|
body: CreateLoginChallengeBody;
|
|
845
1173
|
};
|
|
846
1174
|
export type CreatePersonalAccessTokenBody = {
|
|
1175
|
+
/** Human-readable name of the Personal Access Token. */
|
|
847
1176
|
name: string;
|
|
848
1177
|
publicKey: string;
|
|
1178
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
849
1179
|
permissionId?: string | undefined;
|
|
1180
|
+
/** Value that can be used to correlate the entity with an external system. */
|
|
850
1181
|
externalId?: string | undefined;
|
|
1182
|
+
/** Number of days the token will be valid for. */
|
|
851
1183
|
daysValid?: number | undefined;
|
|
1184
|
+
/** Number of seconds the token will be valid for. */
|
|
852
1185
|
secondsValid?: number | undefined;
|
|
853
1186
|
};
|
|
854
1187
|
export type CreatePersonalAccessTokenResponse = {
|
|
1188
|
+
/** The access token. Only returned at creation time. */
|
|
855
1189
|
accessToken: string;
|
|
856
1190
|
dateCreated: string;
|
|
1191
|
+
/** ID of the credential associated with the access token. */
|
|
857
1192
|
credId: string;
|
|
1193
|
+
/** Whether the access token is active. */
|
|
858
1194
|
isActive: boolean;
|
|
859
1195
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
1196
|
+
/** User id. */
|
|
860
1197
|
linkedUserId: string;
|
|
1198
|
+
/** ID of the application the access token is linked to. */
|
|
861
1199
|
linkedAppId: string;
|
|
1200
|
+
/** Human-readable name of the access token. */
|
|
862
1201
|
name: string;
|
|
1202
|
+
/** Organization id. */
|
|
863
1203
|
orgId: string;
|
|
1204
|
+
/** Public key associated with the access token. */
|
|
864
1205
|
publicKey: string;
|
|
1206
|
+
/** Token id. */
|
|
865
1207
|
tokenId: string;
|
|
1208
|
+
/** Permissions (roles) assigned to the access token. */
|
|
866
1209
|
permissionAssignments: {
|
|
1210
|
+
/** Human-readable name of the permission (role). */
|
|
867
1211
|
permissionName: string;
|
|
1212
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
868
1213
|
permissionId: string;
|
|
1214
|
+
/** ID of the permission assignment. */
|
|
869
1215
|
assignmentId: string;
|
|
1216
|
+
/** List of API operations granted by this permission. */
|
|
870
1217
|
operations?: string[] | undefined;
|
|
871
1218
|
}[];
|
|
872
1219
|
};
|
|
@@ -874,25 +1221,42 @@ export type CreatePersonalAccessTokenRequest = {
|
|
|
874
1221
|
body: CreatePersonalAccessTokenBody;
|
|
875
1222
|
};
|
|
876
1223
|
export type CreateRecoveryChallengeBody = {
|
|
1224
|
+
/** Username/identifier of the user to recover. */
|
|
877
1225
|
username: string;
|
|
1226
|
+
/** Recovery verification code sent to the user by email. */
|
|
878
1227
|
verificationCode: string;
|
|
879
|
-
|
|
1228
|
+
/** Organization id. */
|
|
1229
|
+
orgId?: string | undefined;
|
|
1230
|
+
/** Tenant id. */
|
|
1231
|
+
tenantId?: string | undefined;
|
|
1232
|
+
/** Identifier of the recovery credential to use. */
|
|
880
1233
|
credentialId: string;
|
|
881
1234
|
};
|
|
882
1235
|
export type CreateRecoveryChallengeResponse = {
|
|
883
1236
|
user: {
|
|
1237
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
884
1238
|
id: string;
|
|
1239
|
+
/** Display name of the user. */
|
|
885
1240
|
displayName: string;
|
|
1241
|
+
/** Username of the user. */
|
|
886
1242
|
name: string;
|
|
887
1243
|
};
|
|
1244
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
888
1245
|
temporaryAuthenticationToken: string;
|
|
1246
|
+
/** Challenge to be signed by the credential being registered. */
|
|
889
1247
|
challenge: string;
|
|
1248
|
+
/** Deprecated. Should not be used. */
|
|
890
1249
|
rp?: {
|
|
1250
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
891
1251
|
id: string;
|
|
1252
|
+
/** Human-readable name of the relying party. */
|
|
892
1253
|
name: string;
|
|
893
1254
|
} | undefined;
|
|
1255
|
+
/** Credential kinds that can be used to register the user. */
|
|
894
1256
|
supportedCredentialKinds: {
|
|
1257
|
+
/** Credential kinds accepted as first factor. */
|
|
895
1258
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1259
|
+
/** Credential kinds accepted as second factor. */
|
|
896
1260
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
897
1261
|
};
|
|
898
1262
|
authenticatorSelection: {
|
|
@@ -913,19 +1277,24 @@ export type CreateRecoveryChallengeResponse = {
|
|
|
913
1277
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
914
1278
|
*/
|
|
915
1279
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1280
|
+
/** Public key credential parameters supported for the registration. */
|
|
916
1281
|
pubKeyCredParams: {
|
|
917
1282
|
type: "public-key";
|
|
918
1283
|
alg: number;
|
|
919
1284
|
}[];
|
|
1285
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
920
1286
|
excludeCredentials: {
|
|
921
1287
|
/** Is always `public-key`. */
|
|
922
1288
|
type: "public-key";
|
|
923
1289
|
/** ID that identifies the credential. */
|
|
924
1290
|
id: string;
|
|
925
1291
|
}[];
|
|
1292
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
926
1293
|
otpUrl: string;
|
|
927
1294
|
allowedRecoveryCredentials: {
|
|
1295
|
+
/** Identifier of the recovery credential. */
|
|
928
1296
|
id: string;
|
|
1297
|
+
/** Encrypted recovery key associated with this credential. */
|
|
929
1298
|
encryptedRecoveryKey: string;
|
|
930
1299
|
}[];
|
|
931
1300
|
};
|
|
@@ -933,24 +1302,40 @@ export type CreateRecoveryChallengeRequest = {
|
|
|
933
1302
|
body: CreateRecoveryChallengeBody;
|
|
934
1303
|
};
|
|
935
1304
|
export type CreateRegistrationChallengeBody = {
|
|
936
|
-
|
|
1305
|
+
/** Organization id. */
|
|
1306
|
+
orgId?: string | undefined;
|
|
1307
|
+
/** Tenant id. */
|
|
1308
|
+
tenantId?: string | undefined;
|
|
1309
|
+
/** Username/identifier of the user being registered (any unique string accepted, e.g. email). */
|
|
937
1310
|
username: string;
|
|
1311
|
+
/** One-time registration code sent to the user by email. */
|
|
938
1312
|
registrationCode: string;
|
|
939
1313
|
};
|
|
940
1314
|
export type CreateRegistrationChallengeResponse = {
|
|
941
1315
|
user: {
|
|
1316
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
942
1317
|
id: string;
|
|
1318
|
+
/** Display name of the user. */
|
|
943
1319
|
displayName: string;
|
|
1320
|
+
/** Username of the user. */
|
|
944
1321
|
name: string;
|
|
945
1322
|
};
|
|
1323
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
946
1324
|
temporaryAuthenticationToken: string;
|
|
1325
|
+
/** Challenge to be signed by the credential being registered. */
|
|
947
1326
|
challenge: string;
|
|
1327
|
+
/** Deprecated. Should not be used. */
|
|
948
1328
|
rp?: {
|
|
1329
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
949
1330
|
id: string;
|
|
1331
|
+
/** Human-readable name of the relying party. */
|
|
950
1332
|
name: string;
|
|
951
1333
|
} | undefined;
|
|
1334
|
+
/** Credential kinds that can be used to register the user. */
|
|
952
1335
|
supportedCredentialKinds: {
|
|
1336
|
+
/** Credential kinds accepted as first factor. */
|
|
953
1337
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1338
|
+
/** Credential kinds accepted as second factor. */
|
|
954
1339
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
955
1340
|
};
|
|
956
1341
|
authenticatorSelection: {
|
|
@@ -971,67 +1356,103 @@ export type CreateRegistrationChallengeResponse = {
|
|
|
971
1356
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
972
1357
|
*/
|
|
973
1358
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1359
|
+
/** Public key credential parameters supported for the registration. */
|
|
974
1360
|
pubKeyCredParams: {
|
|
975
1361
|
type: "public-key";
|
|
976
1362
|
alg: number;
|
|
977
1363
|
}[];
|
|
1364
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
978
1365
|
excludeCredentials: {
|
|
979
1366
|
/** Is always `public-key`. */
|
|
980
1367
|
type: "public-key";
|
|
981
1368
|
/** ID that identifies the credential. */
|
|
982
1369
|
id: string;
|
|
983
1370
|
}[];
|
|
1371
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
984
1372
|
otpUrl: string;
|
|
985
1373
|
};
|
|
986
1374
|
export type CreateRegistrationChallengeRequest = {
|
|
987
1375
|
body: CreateRegistrationChallengeBody;
|
|
988
1376
|
};
|
|
989
1377
|
export type CreateServiceAccountBody = {
|
|
1378
|
+
/** Human-readable name of the Service Account. */
|
|
990
1379
|
name: string;
|
|
991
1380
|
publicKey: string;
|
|
1381
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
992
1382
|
permissionId?: string | undefined;
|
|
1383
|
+
/** Value that can be used to correlate the entity with an external system. */
|
|
993
1384
|
externalId?: string | undefined;
|
|
1385
|
+
/** Number of days the service account will be valid for. */
|
|
994
1386
|
daysValid?: number | undefined;
|
|
995
1387
|
};
|
|
996
1388
|
export type CreateServiceAccountResponse = {
|
|
997
1389
|
userInfo: {
|
|
1390
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
998
1391
|
username: string;
|
|
1392
|
+
/** Display name of the user. */
|
|
999
1393
|
name: string;
|
|
1000
1394
|
/** User id. */
|
|
1001
1395
|
userId: string;
|
|
1002
1396
|
/** User kind. */
|
|
1003
|
-
kind: "DfnsStaff" | "
|
|
1397
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
1398
|
+
/** UUID of the user's primary credential. */
|
|
1004
1399
|
credentialUuid: string;
|
|
1005
|
-
|
|
1400
|
+
/** Organization id. */
|
|
1401
|
+
orgId?: string | undefined;
|
|
1402
|
+
/** Tenant id. */
|
|
1403
|
+
tenantId?: string | undefined;
|
|
1404
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1006
1405
|
permissions?: string[] | undefined;
|
|
1406
|
+
/** Whether the user is active. */
|
|
1007
1407
|
isActive: boolean;
|
|
1408
|
+
/** Whether the user is a service account. */
|
|
1008
1409
|
isServiceAccount: boolean;
|
|
1410
|
+
/** Whether the user has completed registration. */
|
|
1009
1411
|
isRegistered: boolean;
|
|
1412
|
+
/** Permissions (roles) assigned to the user. */
|
|
1010
1413
|
permissionAssignments: {
|
|
1414
|
+
/** Human-readable name of the permission (role). */
|
|
1011
1415
|
permissionName: string;
|
|
1416
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1012
1417
|
permissionId: string;
|
|
1418
|
+
/** ID of the permission assignment. */
|
|
1013
1419
|
assignmentId: string;
|
|
1420
|
+
/** List of API operations granted by this permission. */
|
|
1014
1421
|
operations?: string[] | undefined;
|
|
1015
1422
|
}[];
|
|
1016
1423
|
};
|
|
1017
1424
|
accessTokens: {
|
|
1425
|
+
/** The access token. Only returned at creation time. */
|
|
1018
1426
|
accessToken?: string | undefined;
|
|
1019
1427
|
dateCreated: string;
|
|
1428
|
+
/** ID of the credential associated with the access token. */
|
|
1020
1429
|
credId: string;
|
|
1430
|
+
/** Whether the access token is active. */
|
|
1021
1431
|
isActive: boolean;
|
|
1022
1432
|
/** Access token kind. */
|
|
1023
1433
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
1434
|
+
/** User id. */
|
|
1024
1435
|
linkedUserId: string;
|
|
1436
|
+
/** ID of the application the access token is linked to. */
|
|
1025
1437
|
linkedAppId: string;
|
|
1438
|
+
/** Human-readable name of the access token. */
|
|
1026
1439
|
name: string;
|
|
1440
|
+
/** Organization id. */
|
|
1027
1441
|
orgId: string;
|
|
1442
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1028
1443
|
permissionAssignments: {
|
|
1444
|
+
/** Human-readable name of the permission (role). */
|
|
1029
1445
|
permissionName: string;
|
|
1446
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1030
1447
|
permissionId: string;
|
|
1448
|
+
/** ID of the permission assignment. */
|
|
1031
1449
|
assignmentId: string;
|
|
1450
|
+
/** List of API operations granted by this permission. */
|
|
1032
1451
|
operations?: string[] | undefined;
|
|
1033
1452
|
}[];
|
|
1453
|
+
/** Public key associated with the access token. */
|
|
1034
1454
|
publicKey: string;
|
|
1455
|
+
/** Token id. */
|
|
1035
1456
|
tokenId: string;
|
|
1036
1457
|
}[];
|
|
1037
1458
|
};
|
|
@@ -1039,24 +1460,38 @@ export type CreateServiceAccountRequest = {
|
|
|
1039
1460
|
body: CreateServiceAccountBody;
|
|
1040
1461
|
};
|
|
1041
1462
|
export type CreateSocialRegistrationChallengeBody = {
|
|
1463
|
+
/** Organization id. */
|
|
1042
1464
|
orgId?: string | undefined;
|
|
1465
|
+
/** Social login provider used to issue the JWT. */
|
|
1043
1466
|
socialLoginProviderKind: "Oidc";
|
|
1467
|
+
/** JWT id token issued by the social login provider. */
|
|
1044
1468
|
idToken: string;
|
|
1045
1469
|
};
|
|
1046
1470
|
export type CreateSocialRegistrationChallengeResponse = {
|
|
1047
1471
|
user: {
|
|
1472
|
+
/** Base64url-encoded user handle (WebAuthn user.id). */
|
|
1048
1473
|
id: string;
|
|
1474
|
+
/** Display name of the user. */
|
|
1049
1475
|
displayName: string;
|
|
1476
|
+
/** Username of the user. */
|
|
1050
1477
|
name: string;
|
|
1051
1478
|
};
|
|
1479
|
+
/** JWT used to identify the registration session when calling Complete User Registration. */
|
|
1052
1480
|
temporaryAuthenticationToken: string;
|
|
1481
|
+
/** Challenge to be signed by the credential being registered. */
|
|
1053
1482
|
challenge: string;
|
|
1483
|
+
/** Deprecated. Should not be used. */
|
|
1054
1484
|
rp?: {
|
|
1485
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
1055
1486
|
id: string;
|
|
1487
|
+
/** Human-readable name of the relying party. */
|
|
1056
1488
|
name: string;
|
|
1057
1489
|
} | undefined;
|
|
1490
|
+
/** Credential kinds that can be used to register the user. */
|
|
1058
1491
|
supportedCredentialKinds: {
|
|
1492
|
+
/** Credential kinds accepted as first factor. */
|
|
1059
1493
|
firstFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1494
|
+
/** Credential kinds accepted as second factor. */
|
|
1060
1495
|
secondFactor: ("Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey")[];
|
|
1061
1496
|
};
|
|
1062
1497
|
authenticatorSelection: {
|
|
@@ -1077,16 +1512,19 @@ export type CreateSocialRegistrationChallengeResponse = {
|
|
|
1077
1512
|
* enterprise: indicates the attestation data should include information to uniquely identify the user's device
|
|
1078
1513
|
*/
|
|
1079
1514
|
attestation: "none" | "indirect" | "direct" | "enterprise";
|
|
1515
|
+
/** Public key credential parameters supported for the registration. */
|
|
1080
1516
|
pubKeyCredParams: {
|
|
1081
1517
|
type: "public-key";
|
|
1082
1518
|
alg: number;
|
|
1083
1519
|
}[];
|
|
1520
|
+
/** Credentials to exclude from the registration (already registered for the user). */
|
|
1084
1521
|
excludeCredentials: {
|
|
1085
1522
|
/** Is always `public-key`. */
|
|
1086
1523
|
type: "public-key";
|
|
1087
1524
|
/** ID that identifies the credential. */
|
|
1088
1525
|
id: string;
|
|
1089
1526
|
}[];
|
|
1527
|
+
/** URL to provision a TOTP credential, when applicable. */
|
|
1090
1528
|
otpUrl: string;
|
|
1091
1529
|
};
|
|
1092
1530
|
export type CreateSocialRegistrationChallengeRequest = {
|
|
@@ -1098,6 +1536,7 @@ export type CreateUserBody = {
|
|
|
1098
1536
|
/** The kind of user being created.
|
|
1099
1537
|
In this endpoint it can only be "`CustomerEmployee`" (creating an "`EndUser`" is done through the [Delegated Registration](https://docs.dfns.co/api-reference/auth/registration-flows#delegated-users-registration-flow) endpoint) */
|
|
1100
1538
|
kind: "CustomerEmployee" | "DfnsStaff";
|
|
1539
|
+
/** Optional public key in PEM format associated with the user. */
|
|
1101
1540
|
publicKey?: string | undefined;
|
|
1102
1541
|
/** Value that can be used to correlate the entity with an external system. */
|
|
1103
1542
|
externalId?: string | undefined;
|
|
@@ -1105,23 +1544,39 @@ export type CreateUserBody = {
|
|
|
1105
1544
|
isSSORequired?: boolean | undefined;
|
|
1106
1545
|
};
|
|
1107
1546
|
export type CreateUserResponse = {
|
|
1547
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1108
1548
|
username: string;
|
|
1549
|
+
/** Display name of the user. */
|
|
1109
1550
|
name: string;
|
|
1110
1551
|
/** User id. */
|
|
1111
1552
|
userId: string;
|
|
1112
1553
|
/** User kind. */
|
|
1113
|
-
kind: "DfnsStaff" | "
|
|
1554
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
1555
|
+
/** UUID of the user's primary credential. */
|
|
1114
1556
|
credentialUuid: string;
|
|
1115
|
-
|
|
1557
|
+
/** Organization id. */
|
|
1558
|
+
orgId?: string | undefined;
|
|
1559
|
+
/** Tenant id. */
|
|
1560
|
+
tenantId?: string | undefined;
|
|
1561
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1116
1562
|
permissions?: string[] | undefined;
|
|
1563
|
+
/** Whether the user is active. */
|
|
1117
1564
|
isActive: boolean;
|
|
1565
|
+
/** Whether the user is a service account. */
|
|
1118
1566
|
isServiceAccount: boolean;
|
|
1567
|
+
/** Whether the user has completed registration. */
|
|
1119
1568
|
isRegistered: boolean;
|
|
1569
|
+
/** Whether the user must authenticate via SSO. */
|
|
1120
1570
|
isSSORequired: boolean;
|
|
1571
|
+
/** Permissions (roles) assigned to the user. */
|
|
1121
1572
|
permissionAssignments: {
|
|
1573
|
+
/** Human-readable name of the permission (role). */
|
|
1122
1574
|
permissionName: string;
|
|
1575
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1123
1576
|
permissionId: string;
|
|
1577
|
+
/** ID of the permission assignment. */
|
|
1124
1578
|
assignmentId: string;
|
|
1579
|
+
/** List of API operations granted by this permission. */
|
|
1125
1580
|
operations?: string[] | undefined;
|
|
1126
1581
|
}[];
|
|
1127
1582
|
};
|
|
@@ -1145,7 +1600,9 @@ export type CreateUserActionChallengeResponse = {
|
|
|
1145
1600
|
challengeIdentifier: string;
|
|
1146
1601
|
/** Deprecated. Should not be used. */
|
|
1147
1602
|
rp?: {
|
|
1603
|
+
/** ID of the WebAuthn relying party (typically a domain name). */
|
|
1148
1604
|
id: string;
|
|
1605
|
+
/** Human-readable name of the relying party. */
|
|
1149
1606
|
name: string;
|
|
1150
1607
|
} | undefined;
|
|
1151
1608
|
/** Identifies the kind of credentials that can be used to sign the user action. */
|
|
@@ -1248,6 +1705,7 @@ export type CreateUserActionSignatureBody = {
|
|
|
1248
1705
|
};
|
|
1249
1706
|
} | {
|
|
1250
1707
|
kind: "Password";
|
|
1708
|
+
/** User password. */
|
|
1251
1709
|
password: string;
|
|
1252
1710
|
};
|
|
1253
1711
|
/** Second factor credential used to authenticate a user. */
|
|
@@ -1293,45 +1751,64 @@ export type CreateUserActionSignatureBody = {
|
|
|
1293
1751
|
};
|
|
1294
1752
|
} | {
|
|
1295
1753
|
kind: "Totp";
|
|
1754
|
+
/** TOTP one-time code. */
|
|
1296
1755
|
otpCode: string;
|
|
1297
1756
|
}) | undefined;
|
|
1298
1757
|
};
|
|
1299
1758
|
export type CreateUserActionSignatureResponse = {
|
|
1759
|
+
/** Signing token to use to verify the user intended to perform the action. */
|
|
1300
1760
|
userAction: string;
|
|
1301
1761
|
};
|
|
1302
1762
|
export type CreateUserActionSignatureRequest = {
|
|
1303
1763
|
body: CreateUserActionSignatureBody;
|
|
1304
1764
|
};
|
|
1305
1765
|
export type DeactivateCredentialBody = {
|
|
1766
|
+
/** UUID of the credential to deactivate. */
|
|
1306
1767
|
credentialUuid: string;
|
|
1307
1768
|
};
|
|
1308
1769
|
export type DeactivateCredentialResponse = {
|
|
1770
|
+
/** Human-readable success message. */
|
|
1309
1771
|
message: string;
|
|
1310
1772
|
};
|
|
1311
1773
|
export type DeactivateCredentialRequest = {
|
|
1312
1774
|
body: DeactivateCredentialBody;
|
|
1313
1775
|
};
|
|
1314
1776
|
export type DeactivatePersonalAccessTokenParams = {
|
|
1777
|
+
/** Token id. */
|
|
1315
1778
|
tokenId: string;
|
|
1316
1779
|
};
|
|
1317
1780
|
export type DeactivatePersonalAccessTokenResponse = {
|
|
1781
|
+
/** The access token. Only returned at creation time. */
|
|
1318
1782
|
accessToken?: string | undefined;
|
|
1319
1783
|
dateCreated: string;
|
|
1784
|
+
/** ID of the credential associated with the access token. */
|
|
1320
1785
|
credId: string;
|
|
1786
|
+
/** Whether the access token is active. */
|
|
1321
1787
|
isActive: boolean;
|
|
1322
1788
|
/** Access token kind. */
|
|
1323
1789
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
1790
|
+
/** User id. */
|
|
1324
1791
|
linkedUserId: string;
|
|
1792
|
+
/** ID of the application the access token is linked to. */
|
|
1325
1793
|
linkedAppId: string;
|
|
1794
|
+
/** Human-readable name of the access token. */
|
|
1326
1795
|
name: string;
|
|
1796
|
+
/** Organization id. */
|
|
1327
1797
|
orgId: string;
|
|
1798
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1328
1799
|
permissionAssignments: {
|
|
1800
|
+
/** Human-readable name of the permission (role). */
|
|
1329
1801
|
permissionName: string;
|
|
1802
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1330
1803
|
permissionId: string;
|
|
1804
|
+
/** ID of the permission assignment. */
|
|
1331
1805
|
assignmentId: string;
|
|
1806
|
+
/** List of API operations granted by this permission. */
|
|
1332
1807
|
operations?: string[] | undefined;
|
|
1333
1808
|
}[];
|
|
1809
|
+
/** Public key associated with the access token. */
|
|
1334
1810
|
publicKey: string;
|
|
1811
|
+
/** Token id. */
|
|
1335
1812
|
tokenId: string;
|
|
1336
1813
|
};
|
|
1337
1814
|
export type DeactivatePersonalAccessTokenRequest = DeactivatePersonalAccessTokenParams;
|
|
@@ -1340,47 +1817,77 @@ export type DeactivateServiceAccountBody = {
|
|
|
1340
1817
|
force?: boolean;
|
|
1341
1818
|
};
|
|
1342
1819
|
export type DeactivateServiceAccountParams = {
|
|
1820
|
+
/** ID of the service account. */
|
|
1343
1821
|
serviceAccountId: string;
|
|
1344
1822
|
};
|
|
1345
1823
|
export type DeactivateServiceAccountResponse = {
|
|
1346
1824
|
userInfo: {
|
|
1825
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1347
1826
|
username: string;
|
|
1827
|
+
/** Display name of the user. */
|
|
1348
1828
|
name: string;
|
|
1349
1829
|
/** User id. */
|
|
1350
1830
|
userId: string;
|
|
1351
1831
|
/** User kind. */
|
|
1352
|
-
kind: "DfnsStaff" | "
|
|
1832
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
1833
|
+
/** UUID of the user's primary credential. */
|
|
1353
1834
|
credentialUuid: string;
|
|
1354
|
-
|
|
1835
|
+
/** Organization id. */
|
|
1836
|
+
orgId?: string | undefined;
|
|
1837
|
+
/** Tenant id. */
|
|
1838
|
+
tenantId?: string | undefined;
|
|
1839
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1355
1840
|
permissions?: string[] | undefined;
|
|
1841
|
+
/** Whether the user is active. */
|
|
1356
1842
|
isActive: boolean;
|
|
1843
|
+
/** Whether the user is a service account. */
|
|
1357
1844
|
isServiceAccount: boolean;
|
|
1845
|
+
/** Whether the user has completed registration. */
|
|
1358
1846
|
isRegistered: boolean;
|
|
1847
|
+
/** Permissions (roles) assigned to the user. */
|
|
1359
1848
|
permissionAssignments: {
|
|
1849
|
+
/** Human-readable name of the permission (role). */
|
|
1360
1850
|
permissionName: string;
|
|
1851
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1361
1852
|
permissionId: string;
|
|
1853
|
+
/** ID of the permission assignment. */
|
|
1362
1854
|
assignmentId: string;
|
|
1855
|
+
/** List of API operations granted by this permission. */
|
|
1363
1856
|
operations?: string[] | undefined;
|
|
1364
1857
|
}[];
|
|
1365
1858
|
};
|
|
1366
1859
|
accessTokens: {
|
|
1860
|
+
/** The access token. Only returned at creation time. */
|
|
1367
1861
|
accessToken?: string | undefined;
|
|
1368
1862
|
dateCreated: string;
|
|
1863
|
+
/** ID of the credential associated with the access token. */
|
|
1369
1864
|
credId: string;
|
|
1865
|
+
/** Whether the access token is active. */
|
|
1370
1866
|
isActive: boolean;
|
|
1371
1867
|
/** Access token kind. */
|
|
1372
1868
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
1869
|
+
/** User id. */
|
|
1373
1870
|
linkedUserId: string;
|
|
1871
|
+
/** ID of the application the access token is linked to. */
|
|
1374
1872
|
linkedAppId: string;
|
|
1873
|
+
/** Human-readable name of the access token. */
|
|
1375
1874
|
name: string;
|
|
1875
|
+
/** Organization id. */
|
|
1376
1876
|
orgId: string;
|
|
1877
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1377
1878
|
permissionAssignments: {
|
|
1879
|
+
/** Human-readable name of the permission (role). */
|
|
1378
1880
|
permissionName: string;
|
|
1881
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1379
1882
|
permissionId: string;
|
|
1883
|
+
/** ID of the permission assignment. */
|
|
1380
1884
|
assignmentId: string;
|
|
1885
|
+
/** List of API operations granted by this permission. */
|
|
1381
1886
|
operations?: string[] | undefined;
|
|
1382
1887
|
}[];
|
|
1888
|
+
/** Public key associated with the access token. */
|
|
1383
1889
|
publicKey: string;
|
|
1890
|
+
/** Token id. */
|
|
1384
1891
|
tokenId: string;
|
|
1385
1892
|
}[];
|
|
1386
1893
|
};
|
|
@@ -1388,74 +1895,130 @@ export type DeactivateServiceAccountRequest = DeactivateServiceAccountParams & {
|
|
|
1388
1895
|
body: DeactivateServiceAccountBody;
|
|
1389
1896
|
};
|
|
1390
1897
|
export type DeactivateUserParams = {
|
|
1898
|
+
/** User id. */
|
|
1391
1899
|
userId: string;
|
|
1392
1900
|
};
|
|
1393
1901
|
export type DeactivateUserResponse = {
|
|
1902
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1394
1903
|
username: string;
|
|
1904
|
+
/** Display name of the user. */
|
|
1395
1905
|
name: string;
|
|
1396
1906
|
/** User id. */
|
|
1397
1907
|
userId: string;
|
|
1398
1908
|
/** User kind. */
|
|
1399
|
-
kind: "DfnsStaff" | "
|
|
1909
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
1910
|
+
/** UUID of the user's primary credential. */
|
|
1400
1911
|
credentialUuid: string;
|
|
1401
|
-
|
|
1912
|
+
/** Organization id. */
|
|
1913
|
+
orgId?: string | undefined;
|
|
1914
|
+
/** Tenant id. */
|
|
1915
|
+
tenantId?: string | undefined;
|
|
1916
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1402
1917
|
permissions?: string[] | undefined;
|
|
1918
|
+
/** Whether the user is active. */
|
|
1403
1919
|
isActive: boolean;
|
|
1920
|
+
/** Whether the user is a service account. */
|
|
1404
1921
|
isServiceAccount: boolean;
|
|
1922
|
+
/** Whether the user has completed registration. */
|
|
1405
1923
|
isRegistered: boolean;
|
|
1924
|
+
/** Whether the user must authenticate via SSO. */
|
|
1406
1925
|
isSSORequired: boolean;
|
|
1926
|
+
/** Permissions (roles) assigned to the user. */
|
|
1407
1927
|
permissionAssignments: {
|
|
1928
|
+
/** Human-readable name of the permission (role). */
|
|
1408
1929
|
permissionName: string;
|
|
1930
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1409
1931
|
permissionId: string;
|
|
1932
|
+
/** ID of the permission assignment. */
|
|
1410
1933
|
assignmentId: string;
|
|
1934
|
+
/** List of API operations granted by this permission. */
|
|
1411
1935
|
operations?: string[] | undefined;
|
|
1412
1936
|
}[];
|
|
1413
1937
|
};
|
|
1414
1938
|
export type DeactivateUserRequest = DeactivateUserParams;
|
|
1415
1939
|
export type DelegatedLoginBody = {
|
|
1940
|
+
/** Username/identifier of the user to log in. */
|
|
1416
1941
|
username: string;
|
|
1417
1942
|
};
|
|
1418
1943
|
export type DelegatedLoginResponse = {
|
|
1944
|
+
/** Authentication token issued to the user. */
|
|
1419
1945
|
token: string;
|
|
1420
1946
|
};
|
|
1421
1947
|
export type DelegatedLoginRequest = {
|
|
1422
1948
|
body: DelegatedLoginBody;
|
|
1423
1949
|
};
|
|
1950
|
+
export type ExchangeAccessTokenBody = {
|
|
1951
|
+
/** ID of the Organisation or Tenant for which you wish to obtain an access token. */
|
|
1952
|
+
target: string;
|
|
1953
|
+
};
|
|
1954
|
+
export type ExchangeAccessTokenResponse = {
|
|
1955
|
+
token: string;
|
|
1956
|
+
};
|
|
1957
|
+
export type ExchangeAccessTokenRequest = {
|
|
1958
|
+
body: ExchangeAccessTokenBody;
|
|
1959
|
+
};
|
|
1424
1960
|
export type GetApplicationParams = {
|
|
1961
|
+
/** ID of the application (deprecated). */
|
|
1425
1962
|
appId: string;
|
|
1426
1963
|
};
|
|
1427
1964
|
export type GetApplicationResponse = {
|
|
1965
|
+
/** ID of the application (deprecated). */
|
|
1428
1966
|
appId: string;
|
|
1429
1967
|
kind: "ServerSideApplication" | "ClientSideApplication";
|
|
1968
|
+
/** Organization id. */
|
|
1430
1969
|
orgId: string;
|
|
1970
|
+
/** Expected relying party ID for webauthn (deprecated). */
|
|
1431
1971
|
expectedRpId?: string | undefined;
|
|
1972
|
+
/** Human-readable name of the application. */
|
|
1432
1973
|
name: string;
|
|
1974
|
+
/** Whether the application is active. */
|
|
1433
1975
|
isActive: boolean;
|
|
1976
|
+
/** Expected origin for webauthn (deprecated). */
|
|
1434
1977
|
expectedOrigin?: string | undefined;
|
|
1978
|
+
/** Permissions (roles) assigned to the application. */
|
|
1435
1979
|
permissionAssignments: {
|
|
1980
|
+
/** Human-readable name of the permission (role). */
|
|
1436
1981
|
permissionName: string;
|
|
1982
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1437
1983
|
permissionId: string;
|
|
1984
|
+
/** ID of the permission assignment. */
|
|
1438
1985
|
assignmentId: string;
|
|
1986
|
+
/** List of API operations granted by this permission. */
|
|
1439
1987
|
operations?: string[] | undefined;
|
|
1440
1988
|
}[];
|
|
1989
|
+
/** Access tokens associated with the application. */
|
|
1441
1990
|
accessTokens: {
|
|
1991
|
+
/** The access token. Only returned at creation time. */
|
|
1442
1992
|
accessToken?: string | undefined;
|
|
1443
1993
|
dateCreated: string;
|
|
1994
|
+
/** ID of the credential associated with the access token. */
|
|
1444
1995
|
credId: string;
|
|
1996
|
+
/** Whether the access token is active. */
|
|
1445
1997
|
isActive: boolean;
|
|
1446
1998
|
/** Access token kind. */
|
|
1447
1999
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2000
|
+
/** User id. */
|
|
1448
2001
|
linkedUserId: string;
|
|
2002
|
+
/** ID of the application the access token is linked to. */
|
|
1449
2003
|
linkedAppId: string;
|
|
2004
|
+
/** Human-readable name of the access token. */
|
|
1450
2005
|
name: string;
|
|
2006
|
+
/** Organization id. */
|
|
1451
2007
|
orgId: string;
|
|
2008
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1452
2009
|
permissionAssignments: {
|
|
2010
|
+
/** Human-readable name of the permission (role). */
|
|
1453
2011
|
permissionName: string;
|
|
2012
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1454
2013
|
permissionId: string;
|
|
2014
|
+
/** ID of the permission assignment. */
|
|
1455
2015
|
assignmentId: string;
|
|
2016
|
+
/** List of API operations granted by this permission. */
|
|
1456
2017
|
operations?: string[] | undefined;
|
|
1457
2018
|
}[];
|
|
2019
|
+
/** Public key associated with the access token. */
|
|
1458
2020
|
publicKey: string;
|
|
2021
|
+
/** Token id. */
|
|
1459
2022
|
tokenId: string;
|
|
1460
2023
|
}[];
|
|
1461
2024
|
};
|
|
@@ -1497,133 +2060,232 @@ export type GetAuditLogResponse = {
|
|
|
1497
2060
|
};
|
|
1498
2061
|
export type GetAuditLogRequest = GetAuditLogParams;
|
|
1499
2062
|
export type GetPersonalAccessTokenParams = {
|
|
2063
|
+
/** Token id. */
|
|
1500
2064
|
tokenId: string;
|
|
1501
2065
|
};
|
|
1502
2066
|
export type GetPersonalAccessTokenResponse = {
|
|
2067
|
+
/** The access token. Only returned at creation time. */
|
|
1503
2068
|
accessToken?: string | undefined;
|
|
1504
2069
|
dateCreated: string;
|
|
2070
|
+
/** ID of the credential associated with the access token. */
|
|
1505
2071
|
credId: string;
|
|
2072
|
+
/** Whether the access token is active. */
|
|
1506
2073
|
isActive: boolean;
|
|
1507
2074
|
/** Access token kind. */
|
|
1508
2075
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2076
|
+
/** User id. */
|
|
1509
2077
|
linkedUserId: string;
|
|
2078
|
+
/** ID of the application the access token is linked to. */
|
|
1510
2079
|
linkedAppId: string;
|
|
2080
|
+
/** Human-readable name of the access token. */
|
|
1511
2081
|
name: string;
|
|
2082
|
+
/** Organization id. */
|
|
1512
2083
|
orgId: string;
|
|
2084
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1513
2085
|
permissionAssignments: {
|
|
2086
|
+
/** Human-readable name of the permission (role). */
|
|
1514
2087
|
permissionName: string;
|
|
2088
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1515
2089
|
permissionId: string;
|
|
2090
|
+
/** ID of the permission assignment. */
|
|
1516
2091
|
assignmentId: string;
|
|
2092
|
+
/** List of API operations granted by this permission. */
|
|
1517
2093
|
operations?: string[] | undefined;
|
|
1518
2094
|
}[];
|
|
2095
|
+
/** Public key associated with the access token. */
|
|
1519
2096
|
publicKey: string;
|
|
2097
|
+
/** Token id. */
|
|
1520
2098
|
tokenId: string;
|
|
1521
2099
|
};
|
|
1522
2100
|
export type GetPersonalAccessTokenRequest = GetPersonalAccessTokenParams;
|
|
1523
2101
|
export type GetServiceAccountParams = {
|
|
2102
|
+
/** ID of the service account. */
|
|
1524
2103
|
serviceAccountId: string;
|
|
1525
2104
|
};
|
|
1526
2105
|
export type GetServiceAccountResponse = {
|
|
1527
2106
|
userInfo: {
|
|
2107
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1528
2108
|
username: string;
|
|
2109
|
+
/** Display name of the user. */
|
|
1529
2110
|
name: string;
|
|
1530
2111
|
/** User id. */
|
|
1531
2112
|
userId: string;
|
|
1532
2113
|
/** User kind. */
|
|
1533
|
-
kind: "DfnsStaff" | "
|
|
2114
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
2115
|
+
/** UUID of the user's primary credential. */
|
|
1534
2116
|
credentialUuid: string;
|
|
1535
|
-
|
|
2117
|
+
/** Organization id. */
|
|
2118
|
+
orgId?: string | undefined;
|
|
2119
|
+
/** Tenant id. */
|
|
2120
|
+
tenantId?: string | undefined;
|
|
2121
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1536
2122
|
permissions?: string[] | undefined;
|
|
2123
|
+
/** Whether the user is active. */
|
|
1537
2124
|
isActive: boolean;
|
|
2125
|
+
/** Whether the user is a service account. */
|
|
1538
2126
|
isServiceAccount: boolean;
|
|
2127
|
+
/** Whether the user has completed registration. */
|
|
1539
2128
|
isRegistered: boolean;
|
|
2129
|
+
/** Permissions (roles) assigned to the user. */
|
|
1540
2130
|
permissionAssignments: {
|
|
2131
|
+
/** Human-readable name of the permission (role). */
|
|
1541
2132
|
permissionName: string;
|
|
2133
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1542
2134
|
permissionId: string;
|
|
2135
|
+
/** ID of the permission assignment. */
|
|
1543
2136
|
assignmentId: string;
|
|
2137
|
+
/** List of API operations granted by this permission. */
|
|
1544
2138
|
operations?: string[] | undefined;
|
|
1545
2139
|
}[];
|
|
1546
2140
|
};
|
|
1547
2141
|
accessTokens: {
|
|
2142
|
+
/** The access token. Only returned at creation time. */
|
|
1548
2143
|
accessToken?: string | undefined;
|
|
1549
2144
|
dateCreated: string;
|
|
2145
|
+
/** ID of the credential associated with the access token. */
|
|
1550
2146
|
credId: string;
|
|
2147
|
+
/** Whether the access token is active. */
|
|
1551
2148
|
isActive: boolean;
|
|
1552
2149
|
/** Access token kind. */
|
|
1553
2150
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2151
|
+
/** User id. */
|
|
1554
2152
|
linkedUserId: string;
|
|
2153
|
+
/** ID of the application the access token is linked to. */
|
|
1555
2154
|
linkedAppId: string;
|
|
2155
|
+
/** Human-readable name of the access token. */
|
|
1556
2156
|
name: string;
|
|
2157
|
+
/** Organization id. */
|
|
1557
2158
|
orgId: string;
|
|
2159
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1558
2160
|
permissionAssignments: {
|
|
2161
|
+
/** Human-readable name of the permission (role). */
|
|
1559
2162
|
permissionName: string;
|
|
2163
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1560
2164
|
permissionId: string;
|
|
2165
|
+
/** ID of the permission assignment. */
|
|
1561
2166
|
assignmentId: string;
|
|
2167
|
+
/** List of API operations granted by this permission. */
|
|
1562
2168
|
operations?: string[] | undefined;
|
|
1563
2169
|
}[];
|
|
2170
|
+
/** Public key associated with the access token. */
|
|
1564
2171
|
publicKey: string;
|
|
2172
|
+
/** Token id. */
|
|
1565
2173
|
tokenId: string;
|
|
1566
2174
|
}[];
|
|
1567
2175
|
};
|
|
1568
2176
|
export type GetServiceAccountRequest = GetServiceAccountParams;
|
|
1569
2177
|
export type GetUserParams = {
|
|
2178
|
+
/** User id. */
|
|
1570
2179
|
userId: string;
|
|
1571
2180
|
};
|
|
1572
2181
|
export type GetUserResponse = {
|
|
2182
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1573
2183
|
username: string;
|
|
2184
|
+
/** Display name of the user. */
|
|
1574
2185
|
name: string;
|
|
1575
2186
|
/** User id. */
|
|
1576
2187
|
userId: string;
|
|
1577
2188
|
/** User kind. */
|
|
1578
|
-
kind: "DfnsStaff" | "
|
|
2189
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
2190
|
+
/** UUID of the user's primary credential. */
|
|
1579
2191
|
credentialUuid: string;
|
|
1580
|
-
|
|
2192
|
+
/** Organization id. */
|
|
2193
|
+
orgId?: string | undefined;
|
|
2194
|
+
/** Tenant id. */
|
|
2195
|
+
tenantId?: string | undefined;
|
|
2196
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1581
2197
|
permissions?: string[] | undefined;
|
|
2198
|
+
/** Whether the user is active. */
|
|
1582
2199
|
isActive: boolean;
|
|
2200
|
+
/** Whether the user is a service account. */
|
|
1583
2201
|
isServiceAccount: boolean;
|
|
2202
|
+
/** Whether the user has completed registration. */
|
|
1584
2203
|
isRegistered: boolean;
|
|
2204
|
+
/** Whether the user must authenticate via SSO. */
|
|
1585
2205
|
isSSORequired: boolean;
|
|
2206
|
+
/** Permissions (roles) assigned to the user. */
|
|
1586
2207
|
permissionAssignments: {
|
|
2208
|
+
/** Human-readable name of the permission (role). */
|
|
1587
2209
|
permissionName: string;
|
|
2210
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1588
2211
|
permissionId: string;
|
|
2212
|
+
/** ID of the permission assignment. */
|
|
1589
2213
|
assignmentId: string;
|
|
2214
|
+
/** List of API operations granted by this permission. */
|
|
1590
2215
|
operations?: string[] | undefined;
|
|
1591
2216
|
}[];
|
|
1592
2217
|
};
|
|
1593
2218
|
export type GetUserRequest = GetUserParams;
|
|
2219
|
+
export type InviteTenantUserBody = {
|
|
2220
|
+
/** Email address of the existing Tenant User. */
|
|
2221
|
+
email: string;
|
|
2222
|
+
/** The kind of user being invited. It can only be "`TenantUser`" */
|
|
2223
|
+
kind: "TenantUser";
|
|
2224
|
+
};
|
|
2225
|
+
export type InviteTenantUserResponse = {};
|
|
2226
|
+
export type InviteTenantUserRequest = {
|
|
2227
|
+
body: InviteTenantUserBody;
|
|
2228
|
+
};
|
|
1594
2229
|
export type ListApplicationsResponse = {
|
|
2230
|
+
/** Current page items. */
|
|
1595
2231
|
items: {
|
|
2232
|
+
/** ID of the application (deprecated). */
|
|
1596
2233
|
appId: string;
|
|
1597
2234
|
kind: "ServerSideApplication" | "ClientSideApplication";
|
|
2235
|
+
/** Organization id. */
|
|
1598
2236
|
orgId: string;
|
|
2237
|
+
/** Expected relying party ID for webauthn (deprecated). */
|
|
1599
2238
|
expectedRpId?: string | undefined;
|
|
2239
|
+
/** Human-readable name of the application. */
|
|
1600
2240
|
name: string;
|
|
2241
|
+
/** Whether the application is active. */
|
|
1601
2242
|
isActive: boolean;
|
|
2243
|
+
/** Expected origin for webauthn (deprecated). */
|
|
1602
2244
|
expectedOrigin?: string | undefined;
|
|
2245
|
+
/** Permissions (roles) assigned to the application. */
|
|
1603
2246
|
permissionAssignments: {
|
|
2247
|
+
/** Human-readable name of the permission (role). */
|
|
1604
2248
|
permissionName: string;
|
|
2249
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1605
2250
|
permissionId: string;
|
|
2251
|
+
/** ID of the permission assignment. */
|
|
1606
2252
|
assignmentId: string;
|
|
2253
|
+
/** List of API operations granted by this permission. */
|
|
1607
2254
|
operations?: string[] | undefined;
|
|
1608
2255
|
}[];
|
|
2256
|
+
/** Access tokens associated with the application. */
|
|
1609
2257
|
accessTokens: {
|
|
2258
|
+
/** The access token. Only returned at creation time. */
|
|
1610
2259
|
accessToken?: string | undefined;
|
|
1611
2260
|
dateCreated: string;
|
|
2261
|
+
/** ID of the credential associated with the access token. */
|
|
1612
2262
|
credId: string;
|
|
2263
|
+
/** Whether the access token is active. */
|
|
1613
2264
|
isActive: boolean;
|
|
1614
2265
|
/** Access token kind. */
|
|
1615
2266
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2267
|
+
/** User id. */
|
|
1616
2268
|
linkedUserId: string;
|
|
2269
|
+
/** ID of the application the access token is linked to. */
|
|
1617
2270
|
linkedAppId: string;
|
|
2271
|
+
/** Human-readable name of the access token. */
|
|
1618
2272
|
name: string;
|
|
2273
|
+
/** Organization id. */
|
|
1619
2274
|
orgId: string;
|
|
2275
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1620
2276
|
permissionAssignments: {
|
|
2277
|
+
/** Human-readable name of the permission (role). */
|
|
1621
2278
|
permissionName: string;
|
|
2279
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1622
2280
|
permissionId: string;
|
|
2281
|
+
/** ID of the permission assignment. */
|
|
1623
2282
|
assignmentId: string;
|
|
2283
|
+
/** List of API operations granted by this permission. */
|
|
1624
2284
|
operations?: string[] | undefined;
|
|
1625
2285
|
}[];
|
|
2286
|
+
/** Public key associated with the access token. */
|
|
1626
2287
|
publicKey: string;
|
|
2288
|
+
/** Token id. */
|
|
1627
2289
|
tokenId: string;
|
|
1628
2290
|
}[];
|
|
1629
2291
|
}[];
|
|
@@ -1639,111 +2301,185 @@ export type ListAuditLogsRequest = {
|
|
|
1639
2301
|
query?: ListAuditLogsQuery;
|
|
1640
2302
|
};
|
|
1641
2303
|
export type ListCredentialsResponse = {
|
|
2304
|
+
/** Current page items. */
|
|
1642
2305
|
items: {
|
|
1643
2306
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
2307
|
+
/** Credential ID from the WebAuthn authenticator (base64url). */
|
|
1644
2308
|
credentialId: string;
|
|
2309
|
+
/** Dfns-internal UUID of the credential. */
|
|
1645
2310
|
credentialUuid: string;
|
|
1646
2311
|
dateCreated: string;
|
|
2312
|
+
/** Whether the credential is active. */
|
|
1647
2313
|
isActive: boolean;
|
|
2314
|
+
/** Human-readable name of the credential. */
|
|
1648
2315
|
name: string;
|
|
2316
|
+
/** Public key of the credential. */
|
|
1649
2317
|
publicKey: string;
|
|
2318
|
+
/** Relying party identifier associated with the credential. */
|
|
1650
2319
|
relyingPartyId: string;
|
|
2320
|
+
/** Origin where the credential was created. */
|
|
1651
2321
|
origin: string;
|
|
1652
2322
|
}[];
|
|
1653
2323
|
};
|
|
1654
2324
|
export type ListPersonalAccessTokensResponse = {
|
|
2325
|
+
/** Current page items. */
|
|
1655
2326
|
items: {
|
|
2327
|
+
/** The access token. Only returned at creation time. */
|
|
1656
2328
|
accessToken?: string | undefined;
|
|
1657
2329
|
dateCreated: string;
|
|
2330
|
+
/** ID of the credential associated with the access token. */
|
|
1658
2331
|
credId: string;
|
|
2332
|
+
/** Whether the access token is active. */
|
|
1659
2333
|
isActive: boolean;
|
|
1660
2334
|
/** Access token kind. */
|
|
1661
2335
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2336
|
+
/** User id. */
|
|
1662
2337
|
linkedUserId: string;
|
|
2338
|
+
/** ID of the application the access token is linked to. */
|
|
1663
2339
|
linkedAppId: string;
|
|
2340
|
+
/** Human-readable name of the access token. */
|
|
1664
2341
|
name: string;
|
|
2342
|
+
/** Organization id. */
|
|
1665
2343
|
orgId: string;
|
|
2344
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1666
2345
|
permissionAssignments: {
|
|
2346
|
+
/** Human-readable name of the permission (role). */
|
|
1667
2347
|
permissionName: string;
|
|
2348
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1668
2349
|
permissionId: string;
|
|
2350
|
+
/** ID of the permission assignment. */
|
|
1669
2351
|
assignmentId: string;
|
|
2352
|
+
/** List of API operations granted by this permission. */
|
|
1670
2353
|
operations?: string[] | undefined;
|
|
1671
2354
|
}[];
|
|
2355
|
+
/** Public key associated with the access token. */
|
|
1672
2356
|
publicKey: string;
|
|
2357
|
+
/** Token id. */
|
|
1673
2358
|
tokenId: string;
|
|
1674
2359
|
}[];
|
|
1675
2360
|
};
|
|
1676
2361
|
export type ListServiceAccountsResponse = {
|
|
2362
|
+
/** Current page items. */
|
|
1677
2363
|
items: {
|
|
1678
2364
|
userInfo: {
|
|
2365
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1679
2366
|
username: string;
|
|
2367
|
+
/** Display name of the user. */
|
|
1680
2368
|
name: string;
|
|
1681
2369
|
/** User id. */
|
|
1682
2370
|
userId: string;
|
|
1683
2371
|
/** User kind. */
|
|
1684
|
-
kind: "DfnsStaff" | "
|
|
2372
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
2373
|
+
/** UUID of the user's primary credential. */
|
|
1685
2374
|
credentialUuid: string;
|
|
1686
|
-
|
|
2375
|
+
/** Organization id. */
|
|
2376
|
+
orgId?: string | undefined;
|
|
2377
|
+
/** Tenant id. */
|
|
2378
|
+
tenantId?: string | undefined;
|
|
2379
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1687
2380
|
permissions?: string[] | undefined;
|
|
2381
|
+
/** Whether the user is active. */
|
|
1688
2382
|
isActive: boolean;
|
|
2383
|
+
/** Whether the user is a service account. */
|
|
1689
2384
|
isServiceAccount: boolean;
|
|
2385
|
+
/** Whether the user has completed registration. */
|
|
1690
2386
|
isRegistered: boolean;
|
|
2387
|
+
/** Permissions (roles) assigned to the user. */
|
|
1691
2388
|
permissionAssignments: {
|
|
2389
|
+
/** Human-readable name of the permission (role). */
|
|
1692
2390
|
permissionName: string;
|
|
2391
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1693
2392
|
permissionId: string;
|
|
2393
|
+
/** ID of the permission assignment. */
|
|
1694
2394
|
assignmentId: string;
|
|
2395
|
+
/** List of API operations granted by this permission. */
|
|
1695
2396
|
operations?: string[] | undefined;
|
|
1696
2397
|
}[];
|
|
1697
2398
|
};
|
|
1698
2399
|
accessTokens: {
|
|
2400
|
+
/** The access token. Only returned at creation time. */
|
|
1699
2401
|
accessToken?: string | undefined;
|
|
1700
2402
|
dateCreated: string;
|
|
2403
|
+
/** ID of the credential associated with the access token. */
|
|
1701
2404
|
credId: string;
|
|
2405
|
+
/** Whether the access token is active. */
|
|
1702
2406
|
isActive: boolean;
|
|
1703
2407
|
/** Access token kind. */
|
|
1704
2408
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
2409
|
+
/** User id. */
|
|
1705
2410
|
linkedUserId: string;
|
|
2411
|
+
/** ID of the application the access token is linked to. */
|
|
1706
2412
|
linkedAppId: string;
|
|
2413
|
+
/** Human-readable name of the access token. */
|
|
1707
2414
|
name: string;
|
|
2415
|
+
/** Organization id. */
|
|
1708
2416
|
orgId: string;
|
|
2417
|
+
/** Permissions (roles) assigned to the access token. */
|
|
1709
2418
|
permissionAssignments: {
|
|
2419
|
+
/** Human-readable name of the permission (role). */
|
|
1710
2420
|
permissionName: string;
|
|
2421
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1711
2422
|
permissionId: string;
|
|
2423
|
+
/** ID of the permission assignment. */
|
|
1712
2424
|
assignmentId: string;
|
|
2425
|
+
/** List of API operations granted by this permission. */
|
|
1713
2426
|
operations?: string[] | undefined;
|
|
1714
2427
|
}[];
|
|
2428
|
+
/** Public key associated with the access token. */
|
|
1715
2429
|
publicKey: string;
|
|
2430
|
+
/** Token id. */
|
|
1716
2431
|
tokenId: string;
|
|
1717
2432
|
}[];
|
|
1718
2433
|
}[];
|
|
1719
2434
|
};
|
|
1720
2435
|
export type ListUsersQuery = {
|
|
2436
|
+
/** Maximum number of items to return. */
|
|
1721
2437
|
limit?: number | undefined;
|
|
2438
|
+
/** Opaque token used to retrieve the next page. Returned as `nextPageToken` from the previous request. */
|
|
1722
2439
|
paginationToken?: string | undefined;
|
|
2440
|
+
/** Filter users by kind. */
|
|
1723
2441
|
kind?: ("CustomerEmployee" | "EndUser") | undefined;
|
|
1724
2442
|
};
|
|
1725
2443
|
export type ListUsersResponse = {
|
|
2444
|
+
/** Current page items. */
|
|
1726
2445
|
items: {
|
|
2446
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
1727
2447
|
username: string;
|
|
2448
|
+
/** Display name of the user. */
|
|
1728
2449
|
name: string;
|
|
1729
2450
|
/** User id. */
|
|
1730
2451
|
userId: string;
|
|
1731
2452
|
/** User kind. */
|
|
1732
|
-
kind: "DfnsStaff" | "
|
|
2453
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
2454
|
+
/** UUID of the user's primary credential. */
|
|
1733
2455
|
credentialUuid: string;
|
|
1734
|
-
|
|
2456
|
+
/** Organization id. */
|
|
2457
|
+
orgId?: string | undefined;
|
|
2458
|
+
/** Tenant id. */
|
|
2459
|
+
tenantId?: string | undefined;
|
|
2460
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
1735
2461
|
permissions?: string[] | undefined;
|
|
2462
|
+
/** Whether the user is active. */
|
|
1736
2463
|
isActive: boolean;
|
|
2464
|
+
/** Whether the user is a service account. */
|
|
1737
2465
|
isServiceAccount: boolean;
|
|
2466
|
+
/** Whether the user has completed registration. */
|
|
1738
2467
|
isRegistered: boolean;
|
|
2468
|
+
/** Whether the user must authenticate via SSO. */
|
|
1739
2469
|
isSSORequired: boolean;
|
|
2470
|
+
/** Permissions (roles) assigned to the user. */
|
|
1740
2471
|
permissionAssignments: {
|
|
2472
|
+
/** Human-readable name of the permission (role). */
|
|
1741
2473
|
permissionName: string;
|
|
2474
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
1742
2475
|
permissionId: string;
|
|
2476
|
+
/** ID of the permission assignment. */
|
|
1743
2477
|
assignmentId: string;
|
|
2478
|
+
/** List of API operations granted by this permission. */
|
|
1744
2479
|
operations?: string[] | undefined;
|
|
1745
2480
|
}[];
|
|
1746
2481
|
}[];
|
|
2482
|
+
/** token to use as `paginationToken` to request the next page. */
|
|
1747
2483
|
nextPageToken?: string | undefined;
|
|
1748
2484
|
};
|
|
1749
2485
|
export type ListUsersRequest = {
|
|
@@ -1795,6 +2531,7 @@ export type LoginBody = {
|
|
|
1795
2531
|
};
|
|
1796
2532
|
} | {
|
|
1797
2533
|
kind: "Password";
|
|
2534
|
+
/** User password. */
|
|
1798
2535
|
password: string;
|
|
1799
2536
|
};
|
|
1800
2537
|
/** Second factor credential used to authenticate a user. */
|
|
@@ -1840,12 +2577,15 @@ export type LoginBody = {
|
|
|
1840
2577
|
};
|
|
1841
2578
|
} | {
|
|
1842
2579
|
kind: "Totp";
|
|
2580
|
+
/** TOTP one-time code. */
|
|
1843
2581
|
otpCode: string;
|
|
1844
2582
|
}) | undefined;
|
|
1845
2583
|
};
|
|
1846
2584
|
export type LoginResponse = {
|
|
2585
|
+
/** Authentication token issued to the user. */
|
|
1847
2586
|
token: string;
|
|
1848
2587
|
} | {
|
|
2588
|
+
/** Identifier of the SSO client to use to complete the login flow. */
|
|
1849
2589
|
ssoClientId: string;
|
|
1850
2590
|
};
|
|
1851
2591
|
export type LoginRequest = {
|
|
@@ -1855,6 +2595,7 @@ export type LogoutBody = {
|
|
|
1855
2595
|
allSessions?: boolean | undefined;
|
|
1856
2596
|
} | undefined;
|
|
1857
2597
|
export type LogoutResponse = {
|
|
2598
|
+
/** Human-readable success message. */
|
|
1858
2599
|
message: string;
|
|
1859
2600
|
};
|
|
1860
2601
|
export type LogoutRequest = {
|
|
@@ -1878,90 +2619,133 @@ export type RecoverBody = {
|
|
|
1878
2619
|
firstFactorCredential: {
|
|
1879
2620
|
credentialKind: "Fido2";
|
|
1880
2621
|
credentialInfo: {
|
|
2622
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
1881
2623
|
credId: string;
|
|
2624
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
1882
2625
|
clientData: string;
|
|
2626
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
1883
2627
|
attestationData: string;
|
|
1884
2628
|
};
|
|
2629
|
+
/** Human-readable name to assign to the credential. */
|
|
1885
2630
|
credentialName?: string | undefined;
|
|
1886
2631
|
} | {
|
|
1887
2632
|
credentialKind: "Key";
|
|
1888
2633
|
credentialInfo: {
|
|
2634
|
+
/** Base64url-encoded id of the credential. */
|
|
1889
2635
|
credId: string;
|
|
2636
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1890
2637
|
clientData: string;
|
|
2638
|
+
/** Base64url-encoded public key. */
|
|
1891
2639
|
attestationData: string;
|
|
1892
2640
|
};
|
|
2641
|
+
/** Human-readable name to assign to the credential. */
|
|
1893
2642
|
credentialName?: string | undefined;
|
|
1894
2643
|
} | {
|
|
1895
2644
|
credentialKind: "Password";
|
|
1896
2645
|
credentialInfo: {
|
|
2646
|
+
/** User password. */
|
|
1897
2647
|
password: string;
|
|
1898
2648
|
};
|
|
2649
|
+
/** Human-readable name to assign to the credential. */
|
|
1899
2650
|
credentialName?: string | undefined;
|
|
1900
2651
|
} | {
|
|
1901
2652
|
credentialKind: "PasswordProtectedKey";
|
|
1902
2653
|
credentialInfo: {
|
|
2654
|
+
/** Base64url-encoded id of the credential. */
|
|
1903
2655
|
credId: string;
|
|
2656
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1904
2657
|
clientData: string;
|
|
2658
|
+
/** Base64url-encoded public key. */
|
|
1905
2659
|
attestationData: string;
|
|
1906
2660
|
};
|
|
2661
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
1907
2662
|
encryptedPrivateKey: string;
|
|
2663
|
+
/** Human-readable name to assign to the credential. */
|
|
1908
2664
|
credentialName?: string | undefined;
|
|
1909
2665
|
};
|
|
1910
2666
|
secondFactorCredential?: ({
|
|
1911
2667
|
credentialKind: "Fido2";
|
|
1912
2668
|
credentialInfo: {
|
|
2669
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
1913
2670
|
credId: string;
|
|
2671
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
1914
2672
|
clientData: string;
|
|
2673
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
1915
2674
|
attestationData: string;
|
|
1916
2675
|
};
|
|
2676
|
+
/** Human-readable name to assign to the credential. */
|
|
1917
2677
|
credentialName?: string | undefined;
|
|
1918
2678
|
} | {
|
|
1919
2679
|
credentialKind: "Key";
|
|
1920
2680
|
credentialInfo: {
|
|
2681
|
+
/** Base64url-encoded id of the credential. */
|
|
1921
2682
|
credId: string;
|
|
2683
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1922
2684
|
clientData: string;
|
|
2685
|
+
/** Base64url-encoded public key. */
|
|
1923
2686
|
attestationData: string;
|
|
1924
2687
|
};
|
|
2688
|
+
/** Human-readable name to assign to the credential. */
|
|
1925
2689
|
credentialName?: string | undefined;
|
|
1926
2690
|
} | {
|
|
1927
2691
|
credentialKind: "Totp";
|
|
1928
2692
|
credentialInfo: {
|
|
2693
|
+
/** TOTP one-time code. */
|
|
1929
2694
|
otpCode: string;
|
|
1930
2695
|
};
|
|
2696
|
+
/** Human-readable name to assign to the credential. */
|
|
1931
2697
|
credentialName?: string | undefined;
|
|
1932
2698
|
} | {
|
|
1933
2699
|
credentialKind: "PasswordProtectedKey";
|
|
1934
2700
|
credentialInfo: {
|
|
2701
|
+
/** Base64url-encoded id of the credential. */
|
|
1935
2702
|
credId: string;
|
|
2703
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1936
2704
|
clientData: string;
|
|
2705
|
+
/** Base64url-encoded public key. */
|
|
1937
2706
|
attestationData: string;
|
|
1938
2707
|
};
|
|
2708
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
1939
2709
|
encryptedPrivateKey: string;
|
|
2710
|
+
/** Human-readable name to assign to the credential. */
|
|
1940
2711
|
credentialName?: string | undefined;
|
|
1941
2712
|
}) | undefined;
|
|
1942
2713
|
/** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
|
|
1943
2714
|
recoveryCredential?: {
|
|
1944
2715
|
credentialKind: "RecoveryKey";
|
|
1945
2716
|
credentialInfo: {
|
|
2717
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
1946
2718
|
credId: string;
|
|
2719
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1947
2720
|
clientData: string;
|
|
2721
|
+
/** Base64url-encoded public key. */
|
|
1948
2722
|
attestationData: string;
|
|
1949
2723
|
};
|
|
2724
|
+
/** User-encrypted private key for the recovery credential. */
|
|
1950
2725
|
encryptedPrivateKey?: string | undefined;
|
|
2726
|
+
/** Human-readable name to assign to the credential. */
|
|
1951
2727
|
credentialName?: string | undefined;
|
|
1952
2728
|
} | undefined;
|
|
1953
2729
|
};
|
|
1954
2730
|
};
|
|
1955
2731
|
export type RecoverResponse = {
|
|
1956
2732
|
credential: {
|
|
2733
|
+
/** UUID of the credential that was registered. */
|
|
1957
2734
|
uuid: string;
|
|
2735
|
+
/** Kind of credential that was registered. */
|
|
1958
2736
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
2737
|
+
/** Human-readable name of the credential. */
|
|
1959
2738
|
name: string;
|
|
1960
2739
|
};
|
|
1961
2740
|
user: {
|
|
2741
|
+
/** User id. */
|
|
1962
2742
|
id: string;
|
|
2743
|
+
/** Username/identifier of the user. */
|
|
1963
2744
|
username: string;
|
|
1964
|
-
|
|
2745
|
+
/** Organization id. */
|
|
2746
|
+
orgId?: string | undefined;
|
|
2747
|
+
/** Tenant id. */
|
|
2748
|
+
tenantId?: string | undefined;
|
|
1965
2749
|
};
|
|
1966
2750
|
};
|
|
1967
2751
|
export type RecoverRequest = {
|
|
@@ -1971,89 +2755,132 @@ export type RegisterBody = {
|
|
|
1971
2755
|
firstFactorCredential: {
|
|
1972
2756
|
credentialKind: "Fido2";
|
|
1973
2757
|
credentialInfo: {
|
|
2758
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
1974
2759
|
credId: string;
|
|
2760
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
1975
2761
|
clientData: string;
|
|
2762
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
1976
2763
|
attestationData: string;
|
|
1977
2764
|
};
|
|
2765
|
+
/** Human-readable name to assign to the credential. */
|
|
1978
2766
|
credentialName?: string | undefined;
|
|
1979
2767
|
} | {
|
|
1980
2768
|
credentialKind: "Key";
|
|
1981
2769
|
credentialInfo: {
|
|
2770
|
+
/** Base64url-encoded id of the credential. */
|
|
1982
2771
|
credId: string;
|
|
2772
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1983
2773
|
clientData: string;
|
|
2774
|
+
/** Base64url-encoded public key. */
|
|
1984
2775
|
attestationData: string;
|
|
1985
2776
|
};
|
|
2777
|
+
/** Human-readable name to assign to the credential. */
|
|
1986
2778
|
credentialName?: string | undefined;
|
|
1987
2779
|
} | {
|
|
1988
2780
|
credentialKind: "Password";
|
|
1989
2781
|
credentialInfo: {
|
|
2782
|
+
/** User password. */
|
|
1990
2783
|
password: string;
|
|
1991
2784
|
};
|
|
2785
|
+
/** Human-readable name to assign to the credential. */
|
|
1992
2786
|
credentialName?: string | undefined;
|
|
1993
2787
|
} | {
|
|
1994
2788
|
credentialKind: "PasswordProtectedKey";
|
|
1995
2789
|
credentialInfo: {
|
|
2790
|
+
/** Base64url-encoded id of the credential. */
|
|
1996
2791
|
credId: string;
|
|
2792
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
1997
2793
|
clientData: string;
|
|
2794
|
+
/** Base64url-encoded public key. */
|
|
1998
2795
|
attestationData: string;
|
|
1999
2796
|
};
|
|
2797
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
2000
2798
|
encryptedPrivateKey: string;
|
|
2799
|
+
/** Human-readable name to assign to the credential. */
|
|
2001
2800
|
credentialName?: string | undefined;
|
|
2002
2801
|
};
|
|
2003
2802
|
secondFactorCredential?: ({
|
|
2004
2803
|
credentialKind: "Fido2";
|
|
2005
2804
|
credentialInfo: {
|
|
2805
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
2006
2806
|
credId: string;
|
|
2807
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
2007
2808
|
clientData: string;
|
|
2809
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
2008
2810
|
attestationData: string;
|
|
2009
2811
|
};
|
|
2812
|
+
/** Human-readable name to assign to the credential. */
|
|
2010
2813
|
credentialName?: string | undefined;
|
|
2011
2814
|
} | {
|
|
2012
2815
|
credentialKind: "Key";
|
|
2013
2816
|
credentialInfo: {
|
|
2817
|
+
/** Base64url-encoded id of the credential. */
|
|
2014
2818
|
credId: string;
|
|
2819
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2015
2820
|
clientData: string;
|
|
2821
|
+
/** Base64url-encoded public key. */
|
|
2016
2822
|
attestationData: string;
|
|
2017
2823
|
};
|
|
2824
|
+
/** Human-readable name to assign to the credential. */
|
|
2018
2825
|
credentialName?: string | undefined;
|
|
2019
2826
|
} | {
|
|
2020
2827
|
credentialKind: "Totp";
|
|
2021
2828
|
credentialInfo: {
|
|
2829
|
+
/** TOTP one-time code. */
|
|
2022
2830
|
otpCode: string;
|
|
2023
2831
|
};
|
|
2832
|
+
/** Human-readable name to assign to the credential. */
|
|
2024
2833
|
credentialName?: string | undefined;
|
|
2025
2834
|
} | {
|
|
2026
2835
|
credentialKind: "PasswordProtectedKey";
|
|
2027
2836
|
credentialInfo: {
|
|
2837
|
+
/** Base64url-encoded id of the credential. */
|
|
2028
2838
|
credId: string;
|
|
2839
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2029
2840
|
clientData: string;
|
|
2841
|
+
/** Base64url-encoded public key. */
|
|
2030
2842
|
attestationData: string;
|
|
2031
2843
|
};
|
|
2844
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
2032
2845
|
encryptedPrivateKey: string;
|
|
2846
|
+
/** Human-readable name to assign to the credential. */
|
|
2033
2847
|
credentialName?: string | undefined;
|
|
2034
2848
|
}) | undefined;
|
|
2035
2849
|
/** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
|
|
2036
2850
|
recoveryCredential?: {
|
|
2037
2851
|
credentialKind: "RecoveryKey";
|
|
2038
2852
|
credentialInfo: {
|
|
2853
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
2039
2854
|
credId: string;
|
|
2855
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2040
2856
|
clientData: string;
|
|
2857
|
+
/** Base64url-encoded public key. */
|
|
2041
2858
|
attestationData: string;
|
|
2042
2859
|
};
|
|
2860
|
+
/** User-encrypted private key for the recovery credential. */
|
|
2043
2861
|
encryptedPrivateKey?: string | undefined;
|
|
2862
|
+
/** Human-readable name to assign to the credential. */
|
|
2044
2863
|
credentialName?: string | undefined;
|
|
2045
2864
|
} | undefined;
|
|
2046
2865
|
};
|
|
2047
2866
|
export type RegisterResponse = {
|
|
2048
2867
|
credential: {
|
|
2868
|
+
/** UUID of the credential that was registered. */
|
|
2049
2869
|
uuid: string;
|
|
2870
|
+
/** Kind of credential that was registered. */
|
|
2050
2871
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
2872
|
+
/** Human-readable name of the credential. */
|
|
2051
2873
|
name: string;
|
|
2052
2874
|
};
|
|
2053
2875
|
user: {
|
|
2876
|
+
/** User id. */
|
|
2054
2877
|
id: string;
|
|
2878
|
+
/** Username/identifier of the user. */
|
|
2055
2879
|
username: string;
|
|
2056
|
-
|
|
2880
|
+
/** Organization id. */
|
|
2881
|
+
orgId?: string | undefined;
|
|
2882
|
+
/** Tenant id. */
|
|
2883
|
+
tenantId?: string | undefined;
|
|
2057
2884
|
};
|
|
2058
2885
|
};
|
|
2059
2886
|
export type RegisterRequest = {
|
|
@@ -2063,103 +2890,147 @@ export type RegisterEndUserBody = {
|
|
|
2063
2890
|
firstFactorCredential: {
|
|
2064
2891
|
credentialKind: "Fido2";
|
|
2065
2892
|
credentialInfo: {
|
|
2893
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
2066
2894
|
credId: string;
|
|
2895
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
2067
2896
|
clientData: string;
|
|
2897
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
2068
2898
|
attestationData: string;
|
|
2069
2899
|
};
|
|
2900
|
+
/** Human-readable name to assign to the credential. */
|
|
2070
2901
|
credentialName?: string | undefined;
|
|
2071
2902
|
} | {
|
|
2072
2903
|
credentialKind: "Key";
|
|
2073
2904
|
credentialInfo: {
|
|
2905
|
+
/** Base64url-encoded id of the credential. */
|
|
2074
2906
|
credId: string;
|
|
2907
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2075
2908
|
clientData: string;
|
|
2909
|
+
/** Base64url-encoded public key. */
|
|
2076
2910
|
attestationData: string;
|
|
2077
2911
|
};
|
|
2912
|
+
/** Human-readable name to assign to the credential. */
|
|
2078
2913
|
credentialName?: string | undefined;
|
|
2079
2914
|
} | {
|
|
2080
2915
|
credentialKind: "Password";
|
|
2081
2916
|
credentialInfo: {
|
|
2917
|
+
/** User password. */
|
|
2082
2918
|
password: string;
|
|
2083
2919
|
};
|
|
2920
|
+
/** Human-readable name to assign to the credential. */
|
|
2084
2921
|
credentialName?: string | undefined;
|
|
2085
2922
|
} | {
|
|
2086
2923
|
credentialKind: "PasswordProtectedKey";
|
|
2087
2924
|
credentialInfo: {
|
|
2925
|
+
/** Base64url-encoded id of the credential. */
|
|
2088
2926
|
credId: string;
|
|
2927
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2089
2928
|
clientData: string;
|
|
2929
|
+
/** Base64url-encoded public key. */
|
|
2090
2930
|
attestationData: string;
|
|
2091
2931
|
};
|
|
2932
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
2092
2933
|
encryptedPrivateKey: string;
|
|
2934
|
+
/** Human-readable name to assign to the credential. */
|
|
2093
2935
|
credentialName?: string | undefined;
|
|
2094
2936
|
};
|
|
2095
2937
|
secondFactorCredential?: ({
|
|
2096
2938
|
credentialKind: "Fido2";
|
|
2097
2939
|
credentialInfo: {
|
|
2940
|
+
/** Base64url-encoded id of the credential returned by the user's WebAuthn client. */
|
|
2098
2941
|
credId: string;
|
|
2942
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object returned by the user's WebAuthn client. */
|
|
2099
2943
|
clientData: string;
|
|
2944
|
+
/** Base64url-encoded attestation data returned by the user's WebAuthn client. */
|
|
2100
2945
|
attestationData: string;
|
|
2101
2946
|
};
|
|
2947
|
+
/** Human-readable name to assign to the credential. */
|
|
2102
2948
|
credentialName?: string | undefined;
|
|
2103
2949
|
} | {
|
|
2104
2950
|
credentialKind: "Key";
|
|
2105
2951
|
credentialInfo: {
|
|
2952
|
+
/** Base64url-encoded id of the credential. */
|
|
2106
2953
|
credId: string;
|
|
2954
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2107
2955
|
clientData: string;
|
|
2956
|
+
/** Base64url-encoded public key. */
|
|
2108
2957
|
attestationData: string;
|
|
2109
2958
|
};
|
|
2959
|
+
/** Human-readable name to assign to the credential. */
|
|
2110
2960
|
credentialName?: string | undefined;
|
|
2111
2961
|
} | {
|
|
2112
2962
|
credentialKind: "Totp";
|
|
2113
2963
|
credentialInfo: {
|
|
2964
|
+
/** TOTP one-time code. */
|
|
2114
2965
|
otpCode: string;
|
|
2115
2966
|
};
|
|
2967
|
+
/** Human-readable name to assign to the credential. */
|
|
2116
2968
|
credentialName?: string | undefined;
|
|
2117
2969
|
} | {
|
|
2118
2970
|
credentialKind: "PasswordProtectedKey";
|
|
2119
2971
|
credentialInfo: {
|
|
2972
|
+
/** Base64url-encoded id of the credential. */
|
|
2120
2973
|
credId: string;
|
|
2974
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2121
2975
|
clientData: string;
|
|
2976
|
+
/** Base64url-encoded public key. */
|
|
2122
2977
|
attestationData: string;
|
|
2123
2978
|
};
|
|
2979
|
+
/** User-encrypted private key. Dfns does not have the password to decrypt it. */
|
|
2124
2980
|
encryptedPrivateKey: string;
|
|
2981
|
+
/** Human-readable name to assign to the credential. */
|
|
2125
2982
|
credentialName?: string | undefined;
|
|
2126
2983
|
}) | undefined;
|
|
2127
2984
|
/** Register a recovery key. See [Account Recovery](https://docs.dfns.co/api-reference/auth/account-recovery) for more details. */
|
|
2128
2985
|
recoveryCredential?: {
|
|
2129
2986
|
credentialKind: "RecoveryKey";
|
|
2130
2987
|
credentialInfo: {
|
|
2988
|
+
/** Base64url-encoded id of the recovery credential. */
|
|
2131
2989
|
credId: string;
|
|
2990
|
+
/** Base64url-encoded, stringified JSON [client data](https://docs.dfns.co/api-reference/auth/credentials-data#client-data) object. */
|
|
2132
2991
|
clientData: string;
|
|
2992
|
+
/** Base64url-encoded public key. */
|
|
2133
2993
|
attestationData: string;
|
|
2134
2994
|
};
|
|
2995
|
+
/** User-encrypted private key for the recovery credential. */
|
|
2135
2996
|
encryptedPrivateKey?: string | undefined;
|
|
2997
|
+
/** Human-readable name to assign to the credential. */
|
|
2136
2998
|
credentialName?: string | undefined;
|
|
2137
2999
|
} | undefined;
|
|
2138
3000
|
wallets: {
|
|
2139
|
-
network: ("Algorand" | "AlgorandTestnet" | "Aptos" | "AptosTestnet" | "ArbitrumOne" | "ArbitrumGoerli" | "ArbitrumSepolia" | "ArcTestnet" | "Areum" | "AvalancheC" | "AvalancheCFuji" | "Adi" | "AdiTestnet" | "AdiTestnetAb" | "BabylonGenesis" | "BabylonTestnet5" | "Base" | "BaseGoerli" | "BaseSepolia" | "Berachain" | "BerachainBArtio" | "BerachainBepolia" | "BesuTestnet" | "Bitcoin" | "BitcoinSignet" | "BitcoinTestnet3" | "BitcoinTestnet4" | "BitcoinCash" | "BitcoinCashTestnet" | "Bob" | "BobSepolia" | "Bsc" | "BscTestnet" | "Canton" | "CantonDevnet" | "CantonTestnet" | "Cardano" | "CardanoPreprod" | "Concordium" | "ConcordiumTestnet" | "Celo" | "CeloAlfajores" | "Codex" | "CodexSepolia" | "CosmosHub4" | "CosmosIcsTestnet" | "Dogecoin" | "DogecoinTestnet" | "Ethereum" | "EthereumClassic" | "EthereumClassicMordor" | "EthereumGoerli" | "EthereumSepolia" | "EthereumHolesky" | "EthereumHoodi" | "FantomOpera" | "FantomTestnet" | "FlareC" | "FlareCCoston2" | "FlowEvm" | "FlowEvmTestnet" | "Hedera" | "HederaTestnet" | "Ink" | "InkSepolia" | "InternetComputer" | "Ion" | "IonTestnet" | "Iota" | "IotaTestnet" | "IotaZodianet" | "Kaspa" | "KaspaTestnet11" | "Kusama" | "KusamaAssetHub" | "Litecoin" | "LitecoinTestnet" | "Near" | "NearTestnet" | "Optimism" | "OptimismGoerli" | "OptimismSepolia" | "Origyn" | "Plasma" | "PlasmaTestnet" | "Plume" | "PlumeSepolia" | "Paseo" | "PaseoAssetHub" | "Polkadot" | "PolkadotAssetHub" | "Polygon" | "PolygonAmoy" | "PolygonMumbai" | "Polymesh" | "PolymeshTestnet" | "Race" | "RaceSepolia" | "SeiAtlantic2" | "SeiPacific1" | "Solana" | "SolanaDevnet" | "Sonic" | "SonicTestnet" | "Starknet" | "StarknetSepolia" | "Stellar" | "StellarTestnet" | "Sui" | "SuiTestnet" | "Tezos" | "TezosGhostnet" | "TezosShadownet" | "Tempo" | "TempoAndantino" | "TempoModerato" | "Tsc" | "TscTestnet1" | "Ton" | "TonTestnet" | "Tron" | "TronNile" | "Westend" | "WestendAssetHub" | "Xdc" | "XdcApothem" | "XLayer" | "XLayerSepolia" | "XrpLedger" | "XrpLedgerTestnet") | ("KeyECDSA" | "KeyEdDSA" | "KeyECDSAStark");
|
|
3001
|
+
network: ("Algorand" | "AlgorandTestnet" | "Aptos" | "AptosTestnet" | "ArbitrumOne" | "ArbitrumGoerli" | "ArbitrumSepolia" | "ArcTestnet" | "Areum" | "AvalancheC" | "AvalancheCFuji" | "Adi" | "AdiTestnet" | "AdiTestnetAb" | "BabylonGenesis" | "BabylonTestnet5" | "Base" | "BaseGoerli" | "BaseSepolia" | "Berachain" | "BerachainBArtio" | "BerachainBepolia" | "BesuTestnet" | "Bitcoin" | "BitcoinSignet" | "BitcoinTestnet3" | "BitcoinTestnet4" | "BitcoinCash" | "BitcoinCashTestnet" | "Bob" | "BobSepolia" | "Bsc" | "BscTestnet" | "Canton" | "CantonDevnet" | "CantonTestnet" | "Cardano" | "CardanoPreprod" | "Concordium" | "ConcordiumTestnet" | "Celo" | "CeloAlfajores" | "Codex" | "CodexSepolia" | "CosmosHub4" | "CosmosIcsTestnet" | "Dogecoin" | "DogecoinTestnet" | "Ethereum" | "EthereumClassic" | "EthereumClassicMordor" | "EthereumGoerli" | "EthereumSepolia" | "EthereumHolesky" | "EthereumHoodi" | "FantomOpera" | "FantomTestnet" | "FlareC" | "FlareCCoston2" | "FlowEvm" | "FlowEvmTestnet" | "IconTestnet" | "Hedera" | "HederaTestnet" | "Ink" | "InkSepolia" | "InternetComputer" | "Ion" | "IonTestnet" | "Iota" | "IotaTestnet" | "IotaZodianet" | "Kaspa" | "KaspaTestnet11" | "Kusama" | "KusamaAssetHub" | "Litecoin" | "LitecoinTestnet" | "Movement" | "MovementTestnet" | "Near" | "NearTestnet" | "Optimism" | "OptimismGoerli" | "OptimismSepolia" | "Origyn" | "Plasma" | "PlasmaTestnet" | "Plume" | "PlumeSepolia" | "Paseo" | "PaseoAssetHub" | "Polkadot" | "PolkadotAssetHub" | "Polygon" | "PolygonAmoy" | "PolygonMumbai" | "Polymesh" | "PolymeshTestnet" | "Race" | "RaceSepolia" | "Rayls" | "RaylsTestnet" | "SeiAtlantic2" | "SeiPacific1" | "Solana" | "SolanaDevnet" | "Sonic" | "SonicTestnet" | "Starknet" | "StarknetSepolia" | "Stellar" | "StellarTestnet" | "Sui" | "SuiTestnet" | "Tezos" | "TezosGhostnet" | "TezosShadownet" | "Tempo" | "TempoAndantino" | "TempoModerato" | "Tsc" | "TscTestnet1" | "Ton" | "TonTestnet" | "Tron" | "TronNile" | "Westend" | "WestendAssetHub" | "Xdc" | "XdcApothem" | "XLayer" | "XLayerSepolia" | "XrpLedger" | "XrpLedgerTestnet") | ("KeyECDSA" | "KeyEdDSA" | "KeyECDSAStark");
|
|
2140
3002
|
/** Wallet nickname. */
|
|
2141
3003
|
name?: string | undefined;
|
|
2142
3004
|
}[];
|
|
2143
3005
|
};
|
|
2144
3006
|
export type RegisterEndUserResponse = {
|
|
2145
3007
|
credential: {
|
|
3008
|
+
/** UUID of the credential that was registered. */
|
|
2146
3009
|
uuid: string;
|
|
3010
|
+
/** Kind of credential that was registered. */
|
|
2147
3011
|
kind: "Fido2" | "Key" | "Password" | "Totp" | "RecoveryKey" | "PasswordProtectedKey";
|
|
3012
|
+
/** Human-readable name of the credential. */
|
|
2148
3013
|
name: string;
|
|
2149
3014
|
};
|
|
2150
3015
|
user: {
|
|
3016
|
+
/** User id. */
|
|
2151
3017
|
id: string;
|
|
3018
|
+
/** Username/identifier of the user. */
|
|
2152
3019
|
username: string;
|
|
2153
|
-
|
|
3020
|
+
/** Organization id. */
|
|
3021
|
+
orgId?: string | undefined;
|
|
3022
|
+
/** Tenant id. */
|
|
3023
|
+
tenantId?: string | undefined;
|
|
2154
3024
|
};
|
|
2155
3025
|
authentication: {
|
|
3026
|
+
/** Authentication token issued to the user. */
|
|
2156
3027
|
token: string;
|
|
2157
3028
|
};
|
|
2158
3029
|
wallets: {
|
|
2159
3030
|
/** ID of the wallet. */
|
|
2160
3031
|
id: string;
|
|
2161
3032
|
/** Network this wallet is bound to. */
|
|
2162
|
-
network: ("Algorand" | "AlgorandTestnet" | "Aptos" | "AptosTestnet" | "ArbitrumOne" | "ArbitrumGoerli" | "ArbitrumSepolia" | "ArcTestnet" | "Areum" | "AvalancheC" | "AvalancheCFuji" | "Adi" | "AdiTestnet" | "AdiTestnetAb" | "BabylonGenesis" | "BabylonTestnet5" | "Base" | "BaseGoerli" | "BaseSepolia" | "Berachain" | "BerachainBArtio" | "BerachainBepolia" | "BesuTestnet" | "Bitcoin" | "BitcoinSignet" | "BitcoinTestnet3" | "BitcoinTestnet4" | "BitcoinCash" | "BitcoinCashTestnet" | "Bob" | "BobSepolia" | "Bsc" | "BscTestnet" | "Canton" | "CantonDevnet" | "CantonTestnet" | "Cardano" | "CardanoPreprod" | "Concordium" | "ConcordiumTestnet" | "Celo" | "CeloAlfajores" | "Codex" | "CodexSepolia" | "CosmosHub4" | "CosmosIcsTestnet" | "Dogecoin" | "DogecoinTestnet" | "Ethereum" | "EthereumClassic" | "EthereumClassicMordor" | "EthereumGoerli" | "EthereumSepolia" | "EthereumHolesky" | "EthereumHoodi" | "FantomOpera" | "FantomTestnet" | "FlareC" | "FlareCCoston2" | "FlowEvm" | "FlowEvmTestnet" | "Hedera" | "HederaTestnet" | "Ink" | "InkSepolia" | "InternetComputer" | "Ion" | "IonTestnet" | "Iota" | "IotaTestnet" | "IotaZodianet" | "Kaspa" | "KaspaTestnet11" | "Kusama" | "KusamaAssetHub" | "Litecoin" | "LitecoinTestnet" | "Near" | "NearTestnet" | "Optimism" | "OptimismGoerli" | "OptimismSepolia" | "Origyn" | "Plasma" | "PlasmaTestnet" | "Plume" | "PlumeSepolia" | "Paseo" | "PaseoAssetHub" | "Polkadot" | "PolkadotAssetHub" | "Polygon" | "PolygonAmoy" | "PolygonMumbai" | "Polymesh" | "PolymeshTestnet" | "Race" | "RaceSepolia" | "SeiAtlantic2" | "SeiPacific1" | "Solana" | "SolanaDevnet" | "Sonic" | "SonicTestnet" | "Starknet" | "StarknetSepolia" | "Stellar" | "StellarTestnet" | "Sui" | "SuiTestnet" | "Tezos" | "TezosGhostnet" | "TezosShadownet" | "Tempo" | "TempoAndantino" | "TempoModerato" | "Tsc" | "TscTestnet1" | "Ton" | "TonTestnet" | "Tron" | "TronNile" | "Westend" | "WestendAssetHub" | "Xdc" | "XdcApothem" | "XLayer" | "XLayerSepolia" | "XrpLedger" | "XrpLedgerTestnet") | ("KeyECDSA" | "KeyEdDSA" | "KeyECDSAStark");
|
|
3033
|
+
network: ("Algorand" | "AlgorandTestnet" | "Aptos" | "AptosTestnet" | "ArbitrumOne" | "ArbitrumGoerli" | "ArbitrumSepolia" | "ArcTestnet" | "Areum" | "AvalancheC" | "AvalancheCFuji" | "Adi" | "AdiTestnet" | "AdiTestnetAb" | "BabylonGenesis" | "BabylonTestnet5" | "Base" | "BaseGoerli" | "BaseSepolia" | "Berachain" | "BerachainBArtio" | "BerachainBepolia" | "BesuTestnet" | "Bitcoin" | "BitcoinSignet" | "BitcoinTestnet3" | "BitcoinTestnet4" | "BitcoinCash" | "BitcoinCashTestnet" | "Bob" | "BobSepolia" | "Bsc" | "BscTestnet" | "Canton" | "CantonDevnet" | "CantonTestnet" | "Cardano" | "CardanoPreprod" | "Concordium" | "ConcordiumTestnet" | "Celo" | "CeloAlfajores" | "Codex" | "CodexSepolia" | "CosmosHub4" | "CosmosIcsTestnet" | "Dogecoin" | "DogecoinTestnet" | "Ethereum" | "EthereumClassic" | "EthereumClassicMordor" | "EthereumGoerli" | "EthereumSepolia" | "EthereumHolesky" | "EthereumHoodi" | "FantomOpera" | "FantomTestnet" | "FlareC" | "FlareCCoston2" | "FlowEvm" | "FlowEvmTestnet" | "IconTestnet" | "Hedera" | "HederaTestnet" | "Ink" | "InkSepolia" | "InternetComputer" | "Ion" | "IonTestnet" | "Iota" | "IotaTestnet" | "IotaZodianet" | "Kaspa" | "KaspaTestnet11" | "Kusama" | "KusamaAssetHub" | "Litecoin" | "LitecoinTestnet" | "Movement" | "MovementTestnet" | "Near" | "NearTestnet" | "Optimism" | "OptimismGoerli" | "OptimismSepolia" | "Origyn" | "Plasma" | "PlasmaTestnet" | "Plume" | "PlumeSepolia" | "Paseo" | "PaseoAssetHub" | "Polkadot" | "PolkadotAssetHub" | "Polygon" | "PolygonAmoy" | "PolygonMumbai" | "Polymesh" | "PolymeshTestnet" | "Race" | "RaceSepolia" | "Rayls" | "RaylsTestnet" | "SeiAtlantic2" | "SeiPacific1" | "Solana" | "SolanaDevnet" | "Sonic" | "SonicTestnet" | "Starknet" | "StarknetSepolia" | "Stellar" | "StellarTestnet" | "Sui" | "SuiTestnet" | "Tezos" | "TezosGhostnet" | "TezosShadownet" | "Tempo" | "TempoAndantino" | "TempoModerato" | "Tsc" | "TscTestnet1" | "Ton" | "TonTestnet" | "Tron" | "TronNile" | "Westend" | "WestendAssetHub" | "Xdc" | "XdcApothem" | "XLayer" | "XLayerSepolia" | "XrpLedger" | "XrpLedgerTestnet") | ("KeyECDSA" | "KeyEdDSA" | "KeyECDSAStark");
|
|
2163
3034
|
/** Wallet address on its corresponding network. */
|
|
2164
3035
|
address?: string | undefined;
|
|
2165
3036
|
/** Details about the key underlying the wallet. */
|
|
@@ -2197,41 +3068,60 @@ export type RegisterEndUserRequest = {
|
|
|
2197
3068
|
body: RegisterEndUserBody;
|
|
2198
3069
|
};
|
|
2199
3070
|
export type ResendRegistrationCodeBody = {
|
|
3071
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
2200
3072
|
username: string;
|
|
2201
|
-
|
|
3073
|
+
/** Organization id. */
|
|
3074
|
+
orgId?: string | undefined;
|
|
3075
|
+
/** Tenant id. */
|
|
3076
|
+
tenantId?: string | undefined;
|
|
2202
3077
|
};
|
|
2203
3078
|
export type ResendRegistrationCodeResponse = {
|
|
3079
|
+
/** Human-readable success message. */
|
|
2204
3080
|
message: string;
|
|
2205
3081
|
};
|
|
2206
3082
|
export type ResendRegistrationCodeRequest = {
|
|
2207
3083
|
body: ResendRegistrationCodeBody;
|
|
2208
3084
|
};
|
|
2209
3085
|
export type SendLoginCodeBody = {
|
|
3086
|
+
/** Username/identifier of the user to send the login code to. */
|
|
2210
3087
|
username: string;
|
|
2211
|
-
|
|
3088
|
+
/** Organization id. */
|
|
3089
|
+
orgId?: string | undefined;
|
|
3090
|
+
/** Tenant id. */
|
|
3091
|
+
tenantId?: string | undefined;
|
|
2212
3092
|
};
|
|
2213
3093
|
export type SendLoginCodeResponse = {
|
|
3094
|
+
/** Human-readable success message. */
|
|
2214
3095
|
message: string;
|
|
2215
3096
|
};
|
|
2216
3097
|
export type SendLoginCodeRequest = {
|
|
2217
3098
|
body: SendLoginCodeBody;
|
|
2218
3099
|
};
|
|
2219
3100
|
export type SendRecoveryCodeBody = {
|
|
3101
|
+
/** Username/identifier of the user to send the recovery code to. */
|
|
2220
3102
|
username: string;
|
|
2221
|
-
|
|
3103
|
+
/** Organization id. */
|
|
3104
|
+
orgId?: string | undefined;
|
|
3105
|
+
/** Tenant id. */
|
|
3106
|
+
tenantId?: string | undefined;
|
|
2222
3107
|
};
|
|
2223
3108
|
export type SendRecoveryCodeResponse = {
|
|
3109
|
+
/** Human-readable success message. */
|
|
2224
3110
|
message: string;
|
|
2225
3111
|
};
|
|
2226
3112
|
export type SendRecoveryCodeRequest = {
|
|
2227
3113
|
body: SendRecoveryCodeBody;
|
|
2228
3114
|
};
|
|
2229
3115
|
export type SocialLoginBody = {
|
|
3116
|
+
/** Organization id. */
|
|
2230
3117
|
orgId?: string | undefined;
|
|
3118
|
+
/** Social login provider used to issue the JWT. */
|
|
2231
3119
|
socialLoginProviderKind: "Oidc";
|
|
3120
|
+
/** JWT id token issued by the social login provider. */
|
|
2232
3121
|
idToken: string;
|
|
2233
3122
|
};
|
|
2234
3123
|
export type SocialLoginResponse = {
|
|
3124
|
+
/** Authentication token issued to the user. */
|
|
2235
3125
|
token: string;
|
|
2236
3126
|
};
|
|
2237
3127
|
export type SocialLoginRequest = {
|
|
@@ -2244,6 +3134,7 @@ export type SsoLoginBody = {
|
|
|
2244
3134
|
state: string;
|
|
2245
3135
|
};
|
|
2246
3136
|
export type SsoLoginResponse = {
|
|
3137
|
+
/** Authentication token issued to the user. */
|
|
2247
3138
|
token: string;
|
|
2248
3139
|
};
|
|
2249
3140
|
export type SsoLoginRequest = {
|
|
@@ -2265,81 +3156,130 @@ export type SsoLoginInitRequest = {
|
|
|
2265
3156
|
body: SsoLoginInitBody;
|
|
2266
3157
|
};
|
|
2267
3158
|
export type UpdatePersonalAccessTokenBody = {
|
|
3159
|
+
/** Updated human-readable name of the Personal Access Token. */
|
|
2268
3160
|
name?: string | undefined;
|
|
3161
|
+
/** Value that can be used to correlate the entity with an external system. */
|
|
2269
3162
|
externalId?: string | undefined;
|
|
2270
3163
|
};
|
|
2271
3164
|
export type UpdatePersonalAccessTokenParams = {
|
|
3165
|
+
/** Token id. */
|
|
2272
3166
|
tokenId: string;
|
|
2273
3167
|
};
|
|
2274
3168
|
export type UpdatePersonalAccessTokenResponse = {
|
|
3169
|
+
/** The access token. Only returned at creation time. */
|
|
2275
3170
|
accessToken?: string | undefined;
|
|
2276
3171
|
dateCreated: string;
|
|
3172
|
+
/** ID of the credential associated with the access token. */
|
|
2277
3173
|
credId: string;
|
|
3174
|
+
/** Whether the access token is active. */
|
|
2278
3175
|
isActive: boolean;
|
|
2279
3176
|
/** Access token kind. */
|
|
2280
3177
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
3178
|
+
/** User id. */
|
|
2281
3179
|
linkedUserId: string;
|
|
3180
|
+
/** ID of the application the access token is linked to. */
|
|
2282
3181
|
linkedAppId: string;
|
|
3182
|
+
/** Human-readable name of the access token. */
|
|
2283
3183
|
name: string;
|
|
3184
|
+
/** Organization id. */
|
|
2284
3185
|
orgId: string;
|
|
3186
|
+
/** Permissions (roles) assigned to the access token. */
|
|
2285
3187
|
permissionAssignments: {
|
|
3188
|
+
/** Human-readable name of the permission (role). */
|
|
2286
3189
|
permissionName: string;
|
|
3190
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
2287
3191
|
permissionId: string;
|
|
3192
|
+
/** ID of the permission assignment. */
|
|
2288
3193
|
assignmentId: string;
|
|
3194
|
+
/** List of API operations granted by this permission. */
|
|
2289
3195
|
operations?: string[] | undefined;
|
|
2290
3196
|
}[];
|
|
3197
|
+
/** Public key associated with the access token. */
|
|
2291
3198
|
publicKey: string;
|
|
3199
|
+
/** Token id. */
|
|
2292
3200
|
tokenId: string;
|
|
2293
3201
|
};
|
|
2294
3202
|
export type UpdatePersonalAccessTokenRequest = UpdatePersonalAccessTokenParams & {
|
|
2295
3203
|
body: UpdatePersonalAccessTokenBody;
|
|
2296
3204
|
};
|
|
2297
3205
|
export type UpdateServiceAccountBody = {
|
|
3206
|
+
/** Updated human-readable name of the Service Account. */
|
|
2298
3207
|
name?: string | undefined;
|
|
3208
|
+
/** Value that can be used to correlate the entity with an external system. */
|
|
2299
3209
|
externalId?: string | undefined;
|
|
2300
3210
|
};
|
|
2301
3211
|
export type UpdateServiceAccountParams = {
|
|
3212
|
+
/** ID of the service account. */
|
|
2302
3213
|
serviceAccountId: string;
|
|
2303
3214
|
};
|
|
2304
3215
|
export type UpdateServiceAccountResponse = {
|
|
2305
3216
|
userInfo: {
|
|
3217
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
2306
3218
|
username: string;
|
|
3219
|
+
/** Display name of the user. */
|
|
2307
3220
|
name: string;
|
|
2308
3221
|
/** User id. */
|
|
2309
3222
|
userId: string;
|
|
2310
3223
|
/** User kind. */
|
|
2311
|
-
kind: "DfnsStaff" | "
|
|
3224
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
3225
|
+
/** UUID of the user's primary credential. */
|
|
2312
3226
|
credentialUuid: string;
|
|
2313
|
-
|
|
3227
|
+
/** Organization id. */
|
|
3228
|
+
orgId?: string | undefined;
|
|
3229
|
+
/** Tenant id. */
|
|
3230
|
+
tenantId?: string | undefined;
|
|
3231
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
2314
3232
|
permissions?: string[] | undefined;
|
|
3233
|
+
/** Whether the user is active. */
|
|
2315
3234
|
isActive: boolean;
|
|
3235
|
+
/** Whether the user is a service account. */
|
|
2316
3236
|
isServiceAccount: boolean;
|
|
3237
|
+
/** Whether the user has completed registration. */
|
|
2317
3238
|
isRegistered: boolean;
|
|
3239
|
+
/** Permissions (roles) assigned to the user. */
|
|
2318
3240
|
permissionAssignments: {
|
|
3241
|
+
/** Human-readable name of the permission (role). */
|
|
2319
3242
|
permissionName: string;
|
|
3243
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
2320
3244
|
permissionId: string;
|
|
3245
|
+
/** ID of the permission assignment. */
|
|
2321
3246
|
assignmentId: string;
|
|
3247
|
+
/** List of API operations granted by this permission. */
|
|
2322
3248
|
operations?: string[] | undefined;
|
|
2323
3249
|
}[];
|
|
2324
3250
|
};
|
|
2325
3251
|
accessTokens: {
|
|
3252
|
+
/** The access token. Only returned at creation time. */
|
|
2326
3253
|
accessToken?: string | undefined;
|
|
2327
3254
|
dateCreated: string;
|
|
3255
|
+
/** ID of the credential associated with the access token. */
|
|
2328
3256
|
credId: string;
|
|
3257
|
+
/** Whether the access token is active. */
|
|
2329
3258
|
isActive: boolean;
|
|
2330
3259
|
/** Access token kind. */
|
|
2331
3260
|
kind: "Pat" | "ServiceAccount" | "Token" | "Code" | "Recovery" | "Temp" | "Application";
|
|
3261
|
+
/** User id. */
|
|
2332
3262
|
linkedUserId: string;
|
|
3263
|
+
/** ID of the application the access token is linked to. */
|
|
2333
3264
|
linkedAppId: string;
|
|
3265
|
+
/** Human-readable name of the access token. */
|
|
2334
3266
|
name: string;
|
|
3267
|
+
/** Organization id. */
|
|
2335
3268
|
orgId: string;
|
|
3269
|
+
/** Permissions (roles) assigned to the access token. */
|
|
2336
3270
|
permissionAssignments: {
|
|
3271
|
+
/** Human-readable name of the permission (role). */
|
|
2337
3272
|
permissionName: string;
|
|
3273
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
2338
3274
|
permissionId: string;
|
|
3275
|
+
/** ID of the permission assignment. */
|
|
2339
3276
|
assignmentId: string;
|
|
3277
|
+
/** List of API operations granted by this permission. */
|
|
2340
3278
|
operations?: string[] | undefined;
|
|
2341
3279
|
}[];
|
|
3280
|
+
/** Public key associated with the access token. */
|
|
2342
3281
|
publicKey: string;
|
|
3282
|
+
/** Token id. */
|
|
2343
3283
|
tokenId: string;
|
|
2344
3284
|
}[];
|
|
2345
3285
|
};
|
|
@@ -2350,26 +3290,43 @@ export type UpdateUserBody = {
|
|
|
2350
3290
|
isSSORequired: boolean;
|
|
2351
3291
|
};
|
|
2352
3292
|
export type UpdateUserParams = {
|
|
3293
|
+
/** User id. */
|
|
2353
3294
|
userId: string;
|
|
2354
3295
|
};
|
|
2355
3296
|
export type UpdateUserResponse = {
|
|
3297
|
+
/** Username/identifier of the user (any unique string accepted, e.g. your internal user ID or email). */
|
|
2356
3298
|
username: string;
|
|
3299
|
+
/** Display name of the user. */
|
|
2357
3300
|
name: string;
|
|
2358
3301
|
/** User id. */
|
|
2359
3302
|
userId: string;
|
|
2360
3303
|
/** User kind. */
|
|
2361
|
-
kind: "DfnsStaff" | "
|
|
3304
|
+
kind: "DfnsStaff" | "TenantUser" | "CustomerEmployee" | "EndUser";
|
|
3305
|
+
/** UUID of the user's primary credential. */
|
|
2362
3306
|
credentialUuid: string;
|
|
2363
|
-
|
|
3307
|
+
/** Organization id. */
|
|
3308
|
+
orgId?: string | undefined;
|
|
3309
|
+
/** Tenant id. */
|
|
3310
|
+
tenantId?: string | undefined;
|
|
3311
|
+
/** @deprecated - Flat list of API operations the user has access to. */
|
|
2364
3312
|
permissions?: string[] | undefined;
|
|
3313
|
+
/** Whether the user is active. */
|
|
2365
3314
|
isActive: boolean;
|
|
3315
|
+
/** Whether the user is a service account. */
|
|
2366
3316
|
isServiceAccount: boolean;
|
|
3317
|
+
/** Whether the user has completed registration. */
|
|
2367
3318
|
isRegistered: boolean;
|
|
3319
|
+
/** Whether the user must authenticate via SSO. */
|
|
2368
3320
|
isSSORequired: boolean;
|
|
3321
|
+
/** Permissions (roles) assigned to the user. */
|
|
2369
3322
|
permissionAssignments: {
|
|
3323
|
+
/** Human-readable name of the permission (role). */
|
|
2370
3324
|
permissionName: string;
|
|
3325
|
+
/** ID of the permission (also referred to as "role" in the dashboard). */
|
|
2371
3326
|
permissionId: string;
|
|
3327
|
+
/** ID of the permission assignment. */
|
|
2372
3328
|
assignmentId: string;
|
|
3329
|
+
/** List of API operations granted by this permission. */
|
|
2373
3330
|
operations?: string[] | undefined;
|
|
2374
3331
|
}[];
|
|
2375
3332
|
};
|